Why use OllyDbg over standard IDE Debugger?
Recently went for an interview and was asked if I had used OllyDbg before. In fact I have never heard of it, and after looking it up I cant come up with a use case. I am familiar with debugging in general, and used them with various IDE's.
Can some one explain the difference between OllyDbg and a standard IDE debugger and why you would use it?
Thanks
ollydbg is a debugger that is more user friendly
with binaries that do not have source
it is an assembly level debugger it uses heuristics to analyze and provide a better view of the input
ide debuggers tend to be more source level oriented
when you would look at the assembly of an ide debugger what would look like gibberish would be neatly formatted in ollydbg
that is the main use case for ollydbg
a screen shot showing a test.exe (no symbols / debug info / source it is a wild binary) being debugged by visual studio as well as ollydbg
visual studio commandline
devenv /debugexe test.exe -> f10
ollydbg commandline
ollydbg test.exe
- JNZ & CMP Assembly Instructions
- Copy unicode string to clipboard isn't working
- Why conditional breakpoint doesn't work in some address in ollydbg?
- How to know number of parameters in x86-64 assemble(windows)
- Decompiling x86 PE binary to C?
- can you debug 64bit target apps with Ollydbg 1.1?
- How do I bypass IsDebuggerPresent with OllyDbg?
- How to create a breakpoint using ollydbg for a winApi function call, e.g. a breakpoint for a GetDigiItemA function call?
- Differences in OllyDbg and IDA PRO for MOVSX EDX, BYTE PTR [ESP+ECX+8] command
- Why my start address in Ollydbg is different than other people
- How to correctly print address of a variable in memory?
- Ollydbg 1.10 "Back to user mode" doesn't work
- ollydbg - how to keep debugged program window open
- How to find OEP when the address of entry point is zero in PE header?
- Why use OllyDbg over standard IDE Debugger?
- OllyDbg : 'Label expected' issue
- Why is "_main" symbol not found when .exe file is loaded in x64dbg?
- Execute function from ollydbg?
- CreateFile function fail reading a file even if it exists, error code -1
- Memory map in Debuggers
- Code\Data segment overlapping
- How to use Ollydbg with multi-threaded programs?
- OllyDbg doesn't work in Windows 7 x64
- How to put a HASH bytes in a memory address with OllyDbg
- Using the Ollydbg,anyone tell me what the address of the variable "a" is?
- Assembly: Memory address of variables in C Programming
- Cheat Engine vs Ollydbg
- How to set a conditional break point when a instruction is dealing with an address on a specific range?
- Angle brackets in x86 Intel assembly
- How to call a function located in an executable from a loaded DLL?