Immunity Debugger – All things in moderation

Immunity Debugger

Introduction
Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry’s first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
Immunity Debugger’s interfaces include the GUI and a command line. The command line is always available at the bottom of the GUI. It allows the user to type shortcuts as if they were in a typical text-based debugger, such as WinDBG or OllyDbg. Immunity has implemented aliases to ensure that your WinDBG users do not have to be retrained and will get the full productivity boost that comes from the best debugger interface on the market.

How to install Immunity Debugger on Windows

Step 1: Install Python 2.7
Download Python 2.7.

Once the download completes, install Python 2.7.
Double-click the .msi file.

Select the directory in which to install Python 2.7.

Customize Python.

Click “Next” to install Python 2.7.

Step 2: Install Immunity Debugger
Download Immunity Debugger.
Once the download completes, install Immunity Debugger.
Double-click the .exe file.

Select the directory in which to install Immunity Debugger.

Click “Install” to start installing Immunity Debugger.

How to use Immunity Debugger

With Immunity Debugger you can debug a program in two ways.
You can open the program's executable file:
Go to File -> Open

Select the file you want to debug.

Or you can debug by attaching to a process.

Select process and click “Attach”.

Install plugin on Immunity
To install a PyCommand plugin, download it and copy it to the folder:
C:\Program Files\Immunity Inc\Immunity Debugger\PyCommands

Installing the plugin is easy: just download the zip file, extract the plugin (OllyMSDN.dll) and copy it to the debugger’s program files folder.

The next step is to run the debugger, go to the menu “Help” and click on “Select API help file”. Then we have to select the old .HLP file, or at least any other file as long as it has the exact same name (it’s not going to be used anyway). The name matters because it’s the way the plugin can tell Olly is trying to load the Win32 API help and not just any other help file like, say, the user manual.

Immunity Debugger interface:

Dump Memory tab
