Tool and Usage
|License|CC BY-NC-SA 3.0|
|Author|Long Le Dinh|
|Latest release|1.1|
How it works
PEDA is loaded by adding it to your GDB configuration (~/.gdbinit). It then makes the following functions available within GDB:
- aslr (Show or set ASLR settings of GDB)
- checksec (Show security options of the binary)
- dumpargs (Display function arguments when stopped at a call instruction)
- dumprop (Show ROP gadgets in defined memory range)
- elfheader (Get ELF header information)
- elfsymbol (Get ELF non-debugging symbol information)
- lookup (Search for all addresses/references to addresses which belong to a memory range)
- patch (Patch memory start at an address with string/hexstring/int)
- pattern (Generate, search, or write a cyclic pattern to memory)
- procinfo (Display various info from /proc/[pid]/)
- pshow (Show various PEDA options and other settings)
- pset (Set various PEDA options and other settings)
- readelf (Get headers information from an ELF file)
- ropgadget (Get common ROP gadgets of binary or library)
- ropsearch (Search for ROP gadgets in memory)
- searchmem|find (Search for a pattern in memory)
- shellcode (Generate or download common shellcodes)
- skeleton (Generate python exploit code template)
- vmmap (Get virtual mapping address ranges)
- xormem (XOR a memory region with a defined value)
Usage and audience
PEDA is commonly used for debugging, exploit development, or reverse engineering. Target users for this tool are developers, malware analysts, pentesters, and security professionals.
- Command line interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 2000 GitHub stars
- + The source code of this software is available
Supported operating systems
PEDA is known to work on Linux.
Similar tools to PEDA:
Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files.
Cutter is a graphical user interface for radare2, the well-known reverse engineering framework.
LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.