– Straightforward API: instantiate an object and call three methods to debug a program until a fatal exception or zero CPU usage.
– A debugger based on Windows Debugger Engine (DbgEng).
– Peach-like crash analysis: when a crash occurs, the debugger output, registers, call stack, !exploitable output and (optionally) the input file that caused the crash are stored.
– Means to control a debuggee: kill-on-idle, kill-on-time-elapsed, debug subprocesses, enable PageHeap.
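The crash artifacts listed above (register dump, call stack and !exploitable verdict) are what a fuzzer harness triages after a run. The following C++ is an added example, not Anabasis code: it parses a WinDbg-style crash artifact into a record and buckets it by the !exploitable hash, the same deduplication idea Peach uses. The sample artifact, the `parseCrashArtifact`/`crashBucket` names and the `CrashRecord` layout are all constructed for this example and assumed, not taken from the library.

```cpp
// Added example (not part of Anabasis): triage a stored crash artifact.
#include <iostream>
#include <map>
#include <regex>
#include <sstream>
#include <string>
#include <vector>

// Triage record built from the artifacts a debugger-based fuzzer stores on a crash.
struct CrashRecord {
    std::string classification;                    // !exploitable verdict, e.g. EXPLOITABLE
    std::string bugTitle;                          // "Recommended Bug Title" text, minus the hash
    std::string hash;                              // !exploitable (Hash=...) value, used to bucket duplicates
    std::map<std::string, std::string> registers;  // eax=..., eip=..., from the register dump
    std::vector<std::string> callStack;            // symbolized frames from the "k" output
};

// Parse one WinDbg register line ("eax=00000000 ebx=0018ff44 ...") into the map.
static void parseRegisterLine(const std::string& line, std::map<std::string, std::string>& regs) {
    static const std::regex kv(R"(([a-z][a-z0-9]*)=([0-9a-f`]+))");
    for (std::sregex_iterator it(line.begin(), line.end(), kv), end; it != end; ++it)
        regs[(*it)[1].str()] = (*it)[2].str();
}

CrashRecord parseCrashArtifact(const std::string& text) {
    static const std::regex regLine(R"(^\s*[a-z][a-z0-9]*=[0-9a-f`]+\b)");
    static const std::regex classLine(R"(Exploitability Classification:\s*(\S+))");
    static const std::regex titleLine(R"(Recommended Bug Title:\s*(.*))");
    static const std::regex hashField(R"(\(Hash=([^)\s]+)\))");
    CrashRecord rec;
    std::istringstream in(text);
    std::string line;
    std::smatch m;
    bool inStack = false;
    while (std::getline(in, line)) {
        if (inStack) {
            if (line.empty()) { inStack = false; continue; }
            // Frame line: "<ChildEBP> <RetAddr> <symbol>"; keep everything after the two addresses.
            std::istringstream tok(line);
            std::string a, b, rest;
            tok >> a >> b;
            std::getline(tok, rest);
            auto p = rest.find_first_not_of(" \t");
            if (p != std::string::npos) rec.callStack.push_back(rest.substr(p));
            continue;
        }
        if (line.rfind("ChildEBP", 0) == 0 || line.rfind("Child-SP", 0) == 0) { inStack = true; continue; }
        if (std::regex_search(line, regLine)) { parseRegisterLine(line, rec.registers); continue; }
        if (std::regex_search(line, m, classLine)) { rec.classification = m[1].str(); continue; }
        if (std::regex_search(line, m, titleLine)) {
            std::string title = m[1].str();
            std::smatch h;
            if (std::regex_search(title, h, hashField)) {   // split "(Hash=...)" off the title
                rec.hash = h[1].str();
                title = title.substr(0, h.position(0));
            }
            while (!title.empty() && title.back() == ' ') title.pop_back();
            rec.bugTitle = title;
        }
    }
    return rec;
}

// Bucket key for deduplicating crashes: the !exploitable hash when present,
// otherwise the verdict plus the top stack frame.
std::string crashBucket(const CrashRecord& rec) {
    if (!rec.hash.empty()) return rec.hash;
    return rec.classification + "|" + (rec.callStack.empty() ? "?" : rec.callStack[0]);
}

// Constructed sample artifact in WinDbg/!exploitable layout (not real tool output).
const std::string kSampleArtifact =
    "eax=00000000 ebx=0018ff44 ecx=41414141 edx=00000000 esi=00000001 edi=00000000\n"
    "eip=00401234 esp=0018ff20 ebp=0018ff38 iopl=0         nv up ei pl zr na pe nc\n"
    "\n"
    "ChildEBP RetAddr  \n"
    "0018ff38 00401567 TestWinDebuggerAccessViolation!crash_here+0x14\n"
    "0018ff48 0040178a TestWinDebuggerAccessViolation!main+0x27\n"
    "0018ff90 76f4336a TestWinDebuggerAccessViolation!__tmainCRTStartup+0xfd\n"
    "\n"
    "Exploitability Classification: EXPLOITABLE\n"
    "Recommended Bug Title: Exploitable - User Mode Write AV starting at "
    "TestWinDebuggerAccessViolation!crash_here+0x14 (Hash=0x1a2b3c4d.0x5e6f7081)\n";

int main() {
    CrashRecord rec = parseCrashArtifact(kSampleArtifact);
    std::cout << rec.classification << " bucket=" << crashBucket(rec)
              << " eip=" << rec.registers["eip"] << " top=" << rec.callStack.front() << "\n";
    return 0;
}
```

In a harness, one record per stored crash directory and a map from `crashBucket` to the first input file that produced it is enough to keep a fuzzing campaign's crash list free of duplicates; the register and stack fields remain available for manual review of each bucket.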
Many fuzzing frameworks have great abilities to debug programs and to catch crashes, but those features are hidden beneath the interfaces the frameworks provide. I needed a library that abstracts a powerful debugger and lets me focus on writing fuzzers in C/C++ that do not depend on framework interfaces, scripting languages, etc. As a result, Anabasis can be used from any technology or language that supports loading native .dll files.
+ Install Visual C++ Redistributable for Visual Studio 2015.
+ Install Visual C++ Redistributable for Visual Studio 2012 Update 4 (required by the MSEC.dll !exploitable extension).
git clone https://github.com/RVRT/Anabasis
ExampleDebugger.exe --command-line TestWinDebuggerAccessViolation.exe --verbose-output