Книга: Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
Назад: 8. Debugging
Дальше: Kernel vs. User-Mode Debugging

Most software developers are familiar with source-level debuggers, which allow a programmer to debug while coding. This type of debugger is usually built into integrated development environments (IDEs). Source-level debuggers allow you to set breakpoints, which stop on lines of source code, in order to examine internal variable states and to step through program execution one line at a time. (We’ll discuss breakpoints in more depth later in this chapter.)

Assembly-level debuggers, sometimes called low-level debuggers, operate on assembly code instead of source code. As with a source-level debugger, you can use an assembly-level debugger to step through a program one instruction at a time, set breakpoints to stop on specific lines of assembly code, and examine memory locations.

Malware analysts make heavy use of assembly-level debuggers because they do not require access to a program’s source code.

Назад: 8. Debugging
Дальше: Kernel vs. User-Mode Debugging

sss
sss