Thanks to visit codestin.com
Credit goes to Github.com

Skip to content

Releases: pwndbg/pwndbg

2025.10.20

20 Oct 21:22
@patryk4815 patryk4815
2025.10.20
This tag was signed with the committer’s verified signature.
patryk4815
Certificate subject
CN [email protected]
Certificate issuer
CN Actalis Client Authentication CA G3
O Actalis S.p.A.
Verified
Learn about vigilant mode.
0af61b5

Choose a tag to compare

View all tags
2025.10.20 Latest
Latest

This release brings improved disassembly and architecture handling (including fixes for s390x and ARM), enhanced page marker detection, new kernel BPF (kbpf) command, and various stability fixes and cleanups.

Want to support us or buy us a coffee? Visit our Pwndbg sponsors page!

Quick install

A portable version of Pwndbg can be installed as shown below.

Portable via Linux or macOS (choose one line for either GDB or LLDB):

curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Homebrew package (macOS only):

brew install pwndbg/tap/pwndbg-gdb
brew install pwndbg/tap/pwndbg-lldb

Note: On macOS the pwndbg-gdb only allows for remote debugging of ELFs.

Nix package manager (Linux/macOS):

nix shell github:pwndbg/pwndbg

Want a package for specific distro & arch? Check out setup docs and download the specific asset below.

Want latest development version? See install from source.

What's changed

Portable & Packaging

  • Fixed No package metadata was found for prompt_toolkit crash on portable releases (#3343)

General

  • Fixed missing function lookup in klookup command by adding proper existence checks (#3352, fixes #3349)
  • Added new kbpf command for inspecting kernel BPF internals (#3354)
image
  • Removed unnecessary debug symbol requirement for page marker detection, improving kernel debugging experience (#3346)
  • Added documentation page about packaging and distribution (#3355)

Architectures & Disassembly

  • Fixed branch checkmarks incorrectly appearing on certain s390x unconditional jumps (#3347)
  • Fixed bugs in ARM conditional instruction annotations (#3358, fixes #3299)
  • Improved register tracking during disassembly by manually propagating register values across instructions (#2963)

Full Changelog: 2025.10.10...2025.10.20

Assets 39

2025.10.10

09 Oct 20:55
@disconnect3d disconnect3d
2025.10.10
This tag was signed with the committer’s verified signature.
patryk4815
Certificate subject
CN [email protected]
Certificate issuer
CN Actalis Client Authentication CA G3
O Actalis S.p.A.
Verified
Learn about vigilant mode.
895e0b3

Choose a tag to compare

View all tags
2025.10.10

This release brings major improvements to LLDB support (Objective-C + Mach-O support on Darwin, better vmmap, commpage command, fzf tab completion & more), improved Linux kernel debugging without .debuginfo and other enhancements (better vmmap, new commands for dmesg/modules/config/syscall/task info dumping and paging helpers), support for dumping musl's mallocng allocators data, enhancements for disassembly, TUI, more architectures support and much more!

See What’s changed and New Contributors below for highlights of user-facing features and contributions.

Big thanks to everyone who made this possible! Support the project to help us keep improving.

Quick install

A portable version of Pwndbg can be installed as shown below.

Portable via Linux or macOS (choose one line for either GDB or LLDB):

curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Homebrew package (macOS only):

brew install pwndbg/tap/pwndbg-gdb
brew install pwndbg/tap/pwndbg-lldb

Note: On macOS the pwndbg-gdb only allows for remote debugging of ELFs.

Nix package manager (Linux/macOS):

nix shell github:pwndbg/pwndbg

Want a package for specific distro & arch? Check out setup docs and download the specific asset below.

Want latest development version? See install from source.

What’s changed

⚠️ Breaking Changes

  • Drop PWNDBG_PLEASE_SKIP_VENV option (#3139)
  • Drop PWNDBG_DISABLE_COLORS in favor of NO_COLOR (#3239)

Kernel Debugging

  • Improved vmmap output across kernel (#3020, #3086)
image
  • Added commands for kernel debugging:
    • kdmesg (#3097)
    • ktask – task info (#3099)
    • kmod – module info (#3106)
    • ksyscall – syscall info (#3103)
    • kdmabuf – DMA buf info (#3312)
  • Improved slab commands (#3135, #3204)
  • Improved paging helpers and added custom address markers (#3051, #3146, #3123)
image image
  • Improved kconfig, kmod, syscall detection, kernel type recovery (#3145, #3254, #3240)

Musl allocator (mallocng) Support

  • New commands:
    • ng-explain – explain slot layout (#3104)
    • ng-find – locate slot/group/meta by address (#3113)
    • ng-slots – inspect slots (#3144)
    • ng-metaarea, ng-ctx – inspect mallocng internals (#3164)
    • ng-vis – visualize mallocng heap (#3234)
    • ng-dump – dump heap state (#3256)
  • Added pretty printer refactor and various fixups (#3273, #3180)

Go Support

  • Fixed Go dump commands for Go 1.24+ types that rely on Go swissmaps (#3127)
  • Improved Go binaries architecture support - add mips, loongarch64, and s390x, #3128)

General

  • Added --detect flag for cyclic command to detect cyclic sequences in registers and memory (#3162)
  • Improved function variadic arguments display (#3244)
  • Added max-decimal-number that configures the max value that is displayed in decimal (bigger are displayed in hex) in the context and command outputs (#3259)
  • Add theme options for branch jump markers (disasm-branch-on, disasm-branch-off) (#3242)

GDB

  • Fix AT&T disassembly-flavor breaking non-x86 architectures (#3077)
  • Added a workaround for GDB crash when using target extended-remote + attach (#3232)

LLDB

  • Added Objective-C and Mach-O support on Darwin (#3249)
  • Improved vmmap output on Darwin (taking DYLD Shared Cache into account) (#3255)
image
  • Added commpage command to dump Apple commpage memory mapping (#3263)
  • Added support for arm64e (#3126)
  • Refined error/warning messages in CLI (#3070)
  • Added help set (#3068)
  • Improved argument parsing, launch handling, and "unknown setting" messages (#3081, #3089)
  • Improved thread selection on STOP (#3066)
  • Fixed entry command that missed run -s being executed (#3069)
  • Added fuzzy finder tab (fzf) completion (#3075)
  • Added full LLDB test driver and Debugger API tests (#3120)
  • Numerous smaller enhancements and bug fixes (#3190)

Disassembly

  • Added disasm-reg-alias config that if set, forces the disassembly to use register aliases (e.g. aarch64 x29 -> fp) (#3257)
  • Updated to Capstone 6 alpha5 (#3274)
  • Correctly disable emulation on selected instructions (#3155)
  • Fixed a bug with RISC-V ret instruction resolution (#3211)

Portable Builds

  • Fixed the install.sh script on PPC64 (#3060)
  • Include zig in portable releases (which is needed e.g. for cyclic command) (#3279)

New Contributors

Also big thanks to @k4lizen, @mbrla0 and @magnified103 for their Python Summer of Code (PSF @ GSoC 2025) contributions!

Full Changelog: 2025.05.30...2025.10.10

Contributors

gregbartell, zhouzq-thu, and 11 other contributors
Loading

2025.05.30

31 May 23:09
@disconnect3d disconnect3d
2025.05.30
1712b59
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2025.05.30

This release brings an "✘" marker for branches that won't be taken, new Linux kernel debugging commands (buddydump, msr) and improvements to the slab command, new dump-register-frame command helpful when dealing with ARM Cortex-M exceptions, improved disassembly for LoongArch64, ARM, MIPS architectures as well as initial s390x architecture support. It also comes with a lot of documentation updates and performance improvements!

The ✘ marker showcase when branch will not be taken:
image

The portable version of Pwndbg can now be installed on Linux and macOS with a one liner:

$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
$ curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Note: On macOS the pwndbg-gdb only allows for remote debugging of ELFs.

See Quick install and What’s changed below or the full changelog here.

Want to support us or buy us a coffee? Visit our Pwndbg sponsors page!

Quick install

Want to download Pwndbg portable or a package for specific distro & arch? Check out the Which version to download? section at the end!

Portable via Linux or macOS (choose one line for either GDB or LLDB):

curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-gdb
curl -qsL 'https://install.pwndbg.re' | sh -s -- -t pwndbg-lldb

Homebrew package (macOS only):

brew install pwndbg/tap/pwndbg-gdb
brew install pwndbg/tap/pwndbg-lldb

Nix package manager (Linux/macOS):

nix shell github:pwndbg/pwndbg

What’s changed

General

  • Upgraded Capstone to version 6 – required for new architectures and disassembly improvements (#2766)
  • Improved documentation and rewrote much of pwndbg.re
  • Deprecated the pcplist command (#3015)
  • Removed passthrough for shell commands due to stability and security concerns (#2919)
  • The disassembly will show emulated branches that won't be taken with the ✘ marker (#3027)

New Commands

  • buddydump – Inspect Linux kernel buddy allocator state
  • msr – Read/write model-specific registers when in ring0 (during kernel debugging)
  • dump-register-frame – Dump saved register frame (useful for exception/interrupt debugging)

Kernel Debugging

  • Added full support for buddy allocator inspection on x86-64 Linux kernels (#2980)
  • Improved slab command output and handling (#2988)
  • Added msr command to inspect Model-Specific Registers (#2836)
  • Exposed additional x64 registers for QEMU-system kernel debugging (#2932)

Architectures

s390x

  • Initial support for the IBM s390x architecture (#2873)

LoongArch64

  • Capstone disassembler support for LoongArch64 (#2885)
  • Added heap (TLS) support for LoongArch64 (#2888)

Disassembly (ARM, MIPS, General)

  • Fixed ARM IT blocks in disassembly (#2922)
  • Improved behavior of MIPS disassembly after branches (#2921)
  • Fixed decoding of unknown syscall ABIs and MIPS disassembly edge cases (#2898)
  • Added Cortex-M exception return address resolution and context handling (#2807)
  • Optimized disassembly performance for several architectures (#2979)

IDA Integration

  • Added support for stack variable lookup via $ida("var_name") (#2926)

Portable Build Fixes

  • Made libiconv static for better portability (#2911)
  • Fixed .gdbinit handling in portable builds (#2947)

Which version to download?

Don't know which version to download? Here are two helpful tables: the first one, with portable packages and the second one with packages for each Linux distro.

All of those builds include and use the same version of all Pwndbg dependencies (GDB 16.2, LLDB 20.1, Python 3.12.9, latest Pwndbg, Capstone 6.0.0a4, Unicorn Engine 2.1.3, Pwntools 4.14.0, OneGadget etc.).

For install instructions see our README. Pwndbg can also be installed with Nix package manager as detailed here.

Platform Pwndbg GDB Pwndbg LLDB
Apple Silicon macOS pwndbg_2025.05.30_macos_arm64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.05.30_macos_arm64-portable.tar.xz
Intel macOS pwndbg_2025.05.30_macos_amd64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.05.30_macos_amd64-portable.tar.xz
x86-64/AMD64 Linux pwndbg_2025.05.30_x86_64-portable.tar.xz pwndbg-lldb_2025.05.30_x86_64-portable.tar.xz
x86-32/i686 Linux pwndbg_2025.05.30_x86_32-portable.tar.xz pwndbg-lldb_2025.05.30_x86_32-portable.tar.xz
ARM64 Linux pwndbg_2025.05.30_arm64-portable.tar.xz pwndbg-lldb_2025.05.30_arm64-portable.tar.xz
ARMv7 Linux pwndbg_2025.05.30_armv7-portable.tar.xz pwndbg-lldb_2025.05.30_armv7-portable.tar.xz
RISC-V/64 Linux pwndbg_2025.05.30_riscv64-portable.tar.xz pwndbg-lldb_2025.05.30_riscv64-portable.tar.xz
LoongArch64 Linux pwndbg_2025.05.30_loongarch64-portable.tar.xz pwndbg-lldb_2025.05.30_loongarch64-portable.tar.xz
PPC64 Linux pwndbg_2025.05.30_powerpc64-portable.tar.xz N/A
PPC64LE Linux pwndbg_2025.05.30_powerpc64le-portable.tar.xz pwndbg-lldb_2025.05.30_powerpc64le-portable.tar.xz
S390x Linux pwndbg_2025.05.30_s390x-portable.tar.xz pwndbg-lldb_2025.05.30_s390x-portable.tar.xz

| Linux distros | Pwndbg GDB - x86_64 ...

Read more
Loading

2025.04.18

19 Apr 12:29
@patryk4815 patryk4815
2025.04.18
This tag was signed with the committer’s verified signature.
patryk4815
Certificate subject
CN [email protected]
Certificate issuer
CN Actalis Client Authentication CA G3
O Actalis S.p.A.
Verified
Learn about vigilant mode.
e2bdba8

Choose a tag to compare

View all tags
2025.04.18

This is a hotfix release for the 2025.04.13 recent release. Since we made a breaking change of renaming commands with _ to -, we added the previous command name aliases which inform about it (#2891, #2878).

We also bumped the LLDB version to 20 (#2880). This is also the last release with Capstone v5.

In short this and previous (2025.04.13) release adds displaying of breakpoints in disasm view (shown as "b+" by default), new command (libcinfo), improved LLDB support (CTRL+C cancellation and programmatic controls of debugger) as well as better docs and commands & UI fixes and improvements. We now also publish portable builds for:

  • GDB and LLDB *_loongarch64-portable.tar.xz build for LoongArch64 Linux
  • Native GDB build for Apple Silicon (remote ELF debugging only)

Below, we list a more detailed changelog from 2025.04.13. For installation, see the "Which version to download?" section.

Also, want to support us? See our Pwndbg sponsors page!

image

Full Changelog for this release: 2025.04.13...2025.04.18

What's changed (in 2025.04.13)

Breaking Changes

  • Pwndbg now consistently uses dashes (-) in command names instead of underscores (_), e.g., heap-config instead of heap_config (#2857)
  • The telescope-skip-repeating-val-minimum config parameter has been renamed to telescope-skip-repeating-val-min (#2856)

General

  • The context disasm panel now marks/highlights breakpoints set by the user (#2828)
  • Updated the GDB from 15.2 to 16.2 in the portable release (#2765)
  • Added native Apple Silicon GDB build on macOS (remote ELF debugging only) (#2770)
  • New libcinfo command that displays the glibc version used by the program and link to its sources (#2842)
  • The tls command now dumps thread-local storage using a structured tcbhead_t view and has a -a flag to show full output (#2847)
  • The hexdump command:
    • Now checks for invalid addresses before dumping (#2833)
    • Is now configured with a max memory read limit of 10MB (changed with hexdump-limit-mb) to prevent GDB from getting out-of-memory (#2803)
  • UI improvements: fixed section alignment (#2764), reduced shaking (#2758), fixed wrong coloring in TUI (#2782)
  • Fixed vfile API handling in QEMU 9.1+ - fixing qemu-user vmmap (#2810)
  • Documentation and development setup improvements (#2846, #2844, #2853, #2851, #2777, #2823)

GDB

  • Improved attachp command by:
    • Setting its target to a process with a name same as currently loaded binary by default (#2819)
    • Adding an --exact flag for precise process matching (#2821)
  • Fixed setting of glibc version for heap inspection commands (set glibc 2.31) (#2871)
  • Fixed bp alias (for WinDbg users) (#2798)
  • Fixed memory reading issues across page boundaries and during remote debugging (#2795, #2840)
  • Fixed broken remote debugging behavior for context-related commands (#2732)
  • Added test for mixed-case handling in hex2ptr_common (#2778)

LLDB

  • Fixed cancellation of operations with Ctrl+C (#2805)
  • Added programmatic controls of the debugger - useful for tests, maybe for users as API (#2785)
  • Fixed process lifecycle handling when using remote connections (#2763)
  • Special handling for version command in LLDB (#2804)
  • Compatibility fixes for LLDB on Windows platforms (#2855)

...and many other improvements to internal structure, CI workflows, cleanup, installation scripts, and more!

A full changelog since previous release (2025.02.19): can be seen here:
👉 2025.02.19...2025.04.13

Which version to download?

Don't know which version to download? Here are two helpful tables: the first one, with portable packages and the second one with packages for each Linux distro.

All of those builds include and use the same version of all Pwndbg dependencies (GDB 16.2, LLDB 20.1, Python 3.12.9, latest Pwndbg, Capstone 5.0.5, Unicorn Engine 2.1.3, Pwntools 4.14.0, OneGadget etc.).

For install instructions see our README. Pwndbg can also be installed with Nix package manager as detailed here.

Platform Pwndbg GDB Pwndbg LLDB
Apple Silicon macOS pwndbg_2025.04.18_macos_arm64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.04.18_macos_arm64-portable.tar.xz
Intel macOS pwndbg_2025.04.18_macos_amd64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.04.18_macos_amd64-portable.tar.xz
x86-64/AMD64 Linux pwndbg_2025.04.18_x86_64-portable.tar.xz pwndbg-lldb_2025.04.18_x86_64-portable.tar.xz
x86-32/i686 Linux pwndbg_2025.04.18_x86_32-portable.tar.xz pwndbg-lldb_2025.04.18_x86_32-portable.tar.xz
ARM64 Linux pwndbg_2025.04.18_arm64-portable.tar.xz pwndbg-lldb_2025.04.18_arm64-portable.tar.xz
ARMv7 Linux pwndbg_2025.04.18_armv7-portable.tar.xz pwndbg-lldb_2025.04.18_armv7-portable.tar.xz
RISC-V/64 Linux pwndbg_2025.04.18_riscv64-portable.tar.xz pwndbg-lldb_2025.04.18_riscv64-portable.tar.xz
LoongArch64 Linux pwndbg_2025.04.18_loongarch64-portable.tar.xz pwndbg-lldb_2025.04.18_loongarch64-portable.tar.xz
PPC64 Linux pwndbg_2025.04.18_powerpc64-portable.tar.xz N/A
PPC64LE Linux pwndbg_2025.04.18_powerpc64le-portable.tar.xz pwndbg-lldb_2025.04.18_powerpc64le-portable.tar.xz
S390x Linux pwndbg_2025.04.18_s390x-portable.tar.xz [pwndbg-l...
Read more
Loading

2025.04.13

16 Apr 23:42
@disconnect3d disconnect3d
2025.04.13
9eab50b
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2025.04.13

This release introduces breakpoints display in disasm view (shown as "b+" by default), new command (libcinfo), improved LLDB support (CTRL+C cancellation and programmatic controls of debugger) as well as better docs and commands & UI fixes and improvements.

This is also the first release that ships a portable build for:

  • GDB and LLDB *_loongarch64-portable.tar.xz build for LoongArch64 Linux
  • Native GDB build for Apple Silicon (remote ELF debugging only)

Want to support us or buy us a coffee? See our Pwndbg sponsors page!

image

Read below for a more detailed summary of changes. See also Which version to download? below.

What's changed

Breaking Changes

  • Pwndbg now consistently uses dashes (-) in command names instead of underscores (_), e.g., heap-config instead of heap_config (#2857)
  • The telescope-skip-repeating-val-minimum config parameter has been renamed to telescope-skip-repeating-val-min (#2856)

General

  • The context disasm panel now marks/highlights breakpoints set by the user (#2828)
  • Updated the GDB from 15.2 to 16.2 in the portable release (#2765)
  • Added native Apple Silicon GDB build on macOS (remote ELF debugging only) (#2770)
  • New libcinfo command that displays the glibc version used by the program and link to its sources (#2842)
  • The tls command now dumps thread-local storage using a structured tcbhead_t view and has a -a flag to show full output (#2847)
  • The hexdump command:
    • Now checks for invalid addresses before dumping (#2833)
    • Is now configured with a max memory read limit of 10MB (changed with hexdump-limit-mb) to prevent GDB from getting out-of-memory (#2803)
  • UI improvements: fixed section alignment (#2764), reduced shaking (#2758), fixed wrong coloring in TUI (#2782)
  • Fixed vfile API handling in QEMU 9.1+ - fixing qemu-user vmmap (#2810)
  • Documentation and development setup improvements (#2846, #2844, #2853, #2851, #2777, #2823)

GDB

  • Improved attachp command by:
    • Setting its target to a process with a name same as currently loaded binary by default (#2819)
    • Adding an --exact flag for precise process matching (#2821)
  • Fixed setting of glibc version for heap inspection commands (set glibc 2.31) (#2871)
  • Fixed bp alias (for WinDbg users) (#2798)
  • Fixed memory reading issues across page boundaries and during remote debugging (#2795, #2840)
  • Fixed broken remote debugging behavior for context-related commands (#2732)
  • Added test for mixed-case handling in hex2ptr_common (#2778)

LLDB

  • Fixed cancellation of operations with Ctrl+C (#2805)
  • Added programmatic controls of the debugger - useful for tests, maybe for users as API (#2785)
  • Fixed process lifecycle handling when using remote connections (#2763)
  • Special handling for version command in LLDB (#2804)
  • Compatibility fixes for LLDB on Windows platforms (#2855)

...and many other improvements to internal structure, CI workflows, cleanup, installation scripts, and more!

A full changelog since previous release (2025.02.19): can be seen here:
👉 2025.02.19...2025.04.13

Community Contributions

Big thanks to our new contributors:

You’re all awesome – welcome to the Pwndbg community! 🎉

Which version to download?

Don't know which version to download? Here are two helpful tables: the first one, with portable packages and the second one with packages for each Linux distro.

All of those builds include and use the same version of all Pwndbg dependencies (GDB 16.2, LLDB 19.1, Python 3.12.9, latest Pwndbg, Capstone 5.0.5, Unicorn Engine 2.1.3, Pwntools 4.14.0, OneGadget etc.).

For install instructions see our README. Pwndbg can also be installed with Nix package manager as detailed here.

Platform Pwndbg GDB Pwndbg LLDB
Apple Silicon macOS pwndbg_2025.04.13_macos_arm64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.04.13_macos_arm64-portable.tar.xz
Intel macOS pwndbg_2025.04.13_macos_amd64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.04.13_macos_amd64-portable.tar.xz
x86-64/AMD64 Linux pwndbg_2025.04.13_x86_64-portable.tar.xz pwndbg-lldb_2025.04.13_x86_64-portable.tar.xz
x86-32/i686 Linux pwndbg_2025.04.13_x86_32-portable.tar.xz pwndbg-lldb_2025.04.13_x86_32-portable.tar.xz
ARM64 Linux pwndbg_2025.04.13_arm64-portable.tar.xz pwndbg-lldb_2025.04.13_arm64-portable.tar.xz
ARMv7 Linux pwndbg_2025.04.13_armv7-portable.tar.xz pwndbg-lldb_2025.04.13_armv7-portable.tar.xz
RISC-V/64 Linux pwndbg_2025.04.13_riscv64-portable.tar.xz pwndbg-lldb_2025.04.13_riscv64-portable.tar.xz
LoongArch64 Linux pwndbg_2025.04.13_loongarch64-portable.tar.xz pwndbg-lldb_2025.04.13_loongarch64-portable.tar.xz
PPC64 Linux pwndbg_2025.04.13_powerpc64-portable.tar.xz N/A
PPC64LE Linux [pwndbg_2025.04.13_powerpc64le-por...
Read more
Loading

2025.02.19 Release

21 Feb 01:52
@disconnect3d disconnect3d
2025.02.19
0d7a135
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2025.02.19 Release

This release features commands for dumping Linux kernel nftables internals, initial support for LoongArch64 architecture, fix for GDB 16+, improved LLDB support, few commands improvements as well as lots of fixes!

See What's changed and Community Contributions for a summary of user-facing changes from this release and a list of other relevant contributions from the Pwndbg team and contributors.

Want to support us or buy us a coffee? See our Pwndbg sponsors page!

What's changed

General

  • Added commands for dumping Linux kernel nftables internals: knft_dump, knft_list_tables, knft_list_chains, knft_list_rules, knft_list_exprs, knft_list_sets, knft_list_objects and knft_list_flowtables (#2679)
  • Added initial support for LoongArch64 architecture
    • Native GDB/LLDB disassemblers are used to display the code in "disasm" context section (#2693)
    • Capstone disassembly, Unicorn Engine emulation or Pwnlib related features are not there yere (we wait for upstream libraries releases support this arch which should happen in Capstone 6 and Unicorn 2.20)
  • The cymbol command can now load symbols from header files with the -f header-filepath.h flag (#2661)
  • The dumpargs command can now display formatted bit flags - currently only for mmap flags (#2740)
  • The IDA/Binary Ninja integration server can now be configured via PWNDBG_{BINJA,IDA}_SERVER_HOST and PWNDBG_{BINJA,IDA}_SERVER_PORT environment variables (#2746)
  • Speed up installation by moving to uv package manager - useful for CI builds (#2726)
  • Updated Unicorn Engine to 2.1.2 (#2731)
  • Argparse parsing errors are now displayed more user-friendly (#2711)
  • Fixed aglib's reg_write API when writing to PC register (#2539)
  • Fixed procinfo and xinfo commands when remote debugging (#2732)
  • Fixed the onegadget command printing redundant memory access errors (#2682)
  • Fixed the mp, arena and tcache ptmalloc2 glibc heap inspection commands (#2724, #2729)
  • Fixed IPython autocompletion in ipi command on portable installation (#2739)
  • Fixed PowerPC rs6000 architecture (#2741)

GDB

  • Added support for GDB 16+ (#2686)
  • Added a workaround for GDB TUI ANSI escape sequence translation bug (#2721)
  • Fixed pwndbg.aglib.file.get_file corrupting downloaded files due to incorrect gdbstub data decoding (#2730)
  • Fixed setting/syncing of parameters set via set <param> <value> (#2749)
  • Fixed gdb.Value format failure in when context sections displayed the last_signal section (#2753)

LLDB

  • Added fallback/support for architectures supported by LLDB but not supported by Capstone disassembly engine like LoongArch64 (#2693)
  • Fixed process handling when attaching to process and added support for attach <pid|name> (#2685, #2705)
  • Fixed behavior on detach (#2709)
  • Ported version and bugreport commands (#2708)

...and many many others (updates to docs, developer docs, installation, CI workflows, refactorings etc)

Also thanks to new contributors: @podd0 (#2715), @0xRavenspar (#2661) and @LorenVS (#2740)!

Full Changelog since previous release (2025.01.20) can be found at: 2025.01.20...2025.02.19

Community Contributions

Our team and Pwndbg contributors are actively contributing to the broader open-source ecosystem. Here are some of their contributions:

Which version to download?

Don't know which version to download? Here are two helpful tables: the first one, with portable packages and the second one with packages for each Linux distro.

All of those builds include and use the same version of all Pwndbg dependencies (GDB 15.2, Python 3.12.8, latest Pwndbg, Capstone 5.0.5, Unicorn Engine 2.1.2, Pwntools 4.14.0, OneGadget etc.).

For install instructions see our README. Pwndbg can also be installed with Nix package manager as detailed here.

Platform Pwndbg GDB Pwndbg LLDB
Apple Silicon macOS pwndbg_2025.02.19_macos_arm64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.02.19_macos_arm64-portable.tar.xz
Intel macOS pwndbg_2025.02.19_macos_amd64-portable.tar.xz
⚠️ Note: Pwndbg-GDB does not support debugging native Mach-O binaries. Only remote ELF debugging is supported.		 pwndbg-lldb_2025.02.19_macos_amd64-portable.tar.xz
x86-64/AMD64 Linux pwndbg_2025.02.19_x86_64-portable.tar.xz pwndbg-lldb_2025.02.19_x86_64-portable.tar.xz
x86-32/i686 Linux pwndbg_2025.02.19_x86_32-portable.tar.xz pwndbg-lldb_2025.02.19_x86_32-portable.tar.xz
ARM64 Linux pwndbg_2025.02.19_arm64-portable.tar.xz pwndbg-lldb_2025.02.19_arm64-portable.tar.xz
ARMv7 Linux pwndbg_2025.02.19_armv7-portable.tar.xz pwndbg-lldb_2025.02.19_armv7-portable.tar.xz
RISC-V/64 Linux pwndbg_2025.02.19_riscv64-portable.tar.xz pwndbg-lldb_2025.02.19_riscv64-portable.tar.xz
PPC64 Linux pwndbg_2025.02.19_powerpc64-portable.tar.xz N/A
PPC64LE Linux pwndbg_2025.02.19_powerpc64le-portable.tar.xz [pwndbg-lldb...
Read more

Contributors

LorenVS, patryk4815, and 5 other contributors
Loading

2025.01.20 Release

20 Jan 10:30
@disconnect3d disconnect3d
2025.01.20
ef9a403
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2025.01.20 Release

This release features LLDB support, improved performance, bug fixes and enhanced embedded systems experience. Pwndbg can now run on macOS (both Intel & Apple Silicon) and allows for debugging Mach-O binaries.

Thanks to everyone who made it happen, especially (for most commits) to @patryk4815, @mbrla0, @peace-maker, and @fidgetingbits!

Want to support us or buy us a coffee? See our Pwndbg sponsors page!

Also, want to split Pwndbg context displays with tmux? See jcfg's blog post!

Major changes

  • New features
    • Added LLDB support. Most of Pwndbg functionality was ported to a debugger-agnostic library (aglib) that supports both GDB and LLDB. See also "When to use GDB or LLDB" and GDB vs LLDB commands.
    • Added macOS and Mach-O support via LLDB (Intel & Apple Silicon)
      • pwndbg-gdb also works on macOS, but only for remote debugging (e.g., target remote 0:1337)
    • Added support for text user interface (TUI) in GDB (set with tui layout pwndbg or tui layout pwndbg_code)
    • Added context history. The displayed contexts are saved in history and can be re-seen with contextprev and contextnext commands
  • New commands added:
    • gdt <addr> - dumps Global Descriptor Table entries from a given address
    • strings - search memory for readable strings, like with the strings CLI utility
    • jemalloc_heap, jemalloc_extent_info, jemalloc_find_extent - inspect jemalloc heap allocator structures
    • hijack-fd <fd> <newfile> - modify the process file descriptor
    • kallsyms and klookup - added Linux kernel debugging helpers for looking up symbol tables
    • profiler {start,stop} - added a profiler command to benchmark Pwndbg performance/bottlenecks
  • Improvements
    • Improved the experience with embedded systems debugging (better vmmap detection; improved vmmap_add and vmmap_load commands)
    • The ropgadget command now dumps memory and finds gadgets in all executable regions
    • context <section[s]> now has --on|--off toggle to temporarily disable sub-sections
    • plist now supports --offset and --count to limit the linked list elements to be printed
    • Added vmmap -C <N> <filter> command to display N pages before/after the filtered one
    • Speed up syntax highlighting via pygments and Pwndbg startup time
  • Others
    • Dropped Python 3.8 / Ubuntu 20.04 / Debian 11 support
    • Lots and lots of bug fixes

Full changelog

The full changelog can be found here: 2024.08.29...2025.01.20

New Contributors

Contributors

koalajoe23, peace-maker, and 16 other contributors
Loading

2024.08.29

09 Sep 11:27
@disconnect3d disconnect3d
2024.08.29
26ba400
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
2024.08.29

2024.08.29 Release

Since last release we got a lot of new features and improvements done in Pwndbg.

Among others, we now show register/memory values in disasm view for different architectures, added Binary Ninja integration, added commands helping with Go debugging, added glibc heap
UAF tracking and refactored lots of Pwndbg code for future LLDB port.

Some of this work was paid thanks to the Python Summer of Code program (@OBarronCS, @mbrla0 and @jetchirag's projects) and thanks to Trail of Bits' internships (@Aplet123 and @mbrla0 projects). Here are hightlights from their work:

Major changes

image image image image
  • Added option to search to look for assembly instructions (search --asm <code>) and to set breakpoints on found instructions (search --asmbp <code>)
  • Added vmmap --gaps which displays mapped memory with gaps instead of the normal vmmap display:
image
  • Added commands to display Android Binder driver info (experimental; #1488), and a pcp command to print Linux kernel per-cpu page cache (#1487)

Full changelog

The full changelog can be found here: 2024.02.14...2024.08.29

New Contributors

Also thanks to @patryk4815 for all the help with packaging and releases.

Contributors

dguerri, patryk4815, and 21 other contributors
Loading

2024.02.14

18 Feb 20:37
@disconnect3d disconnect3d
2024.02.14
cada600

Choose a tag to compare

View all tags
2024.02.14

2024.02.14 Release

Here is the 2024.02.14 release. Thanks to everyone who contributed!

Among others, this release brings GOT tracking mechanism, more step/break commands, mmap/mprotect syscalls, printing of linked lists, displaying of threads in context for multithreaded programs, lots and lots of fixes and more!

The release files can be used to install Pwndbg as self-contained (along with GDB, Python and all deps) package on many distros and x86-64 and arm64/aarch64 architectures. The *-portable.tar.gz archives can be just unpacked and run.

Below is a summary of changes, while the full changelog can be found further on.

Note: this release requires Python >= 3.8 (which means Ubuntu 18.04 or Debian 10 are not supported anymore).

Summary of changes

General changes:

  • Added portable Pwndbg archive to release as well as nix, rpm, deb, arch and alpine packages
  • Added $base(objfile_name) function to compute base address of given memory page, e.g. print $base(libc)+0x123 will return base of libc + 0x123
  • Context will now display threads information for multi-threaded programs
    • this is limited by context-max-threads parameter (use set context-max-threads <N> to change)
  • Added glibc heap exploitation support for libc 2.12+ (#1823)
  • Added support for FreeBSD (#1832)
  • The gdb-pt-dump git submodule was moved to a python dependency (#1929)

New commands:

  • track-got {enable,disable,info,query} ... can be used to track (#1971)
  • stepuntilasm <asm> will step through program instructions until a matching part of instruction string is found (#1798)
  • break-if-taken <loc> and break-if-not-taken <loc> will setup a breakpoint on given location of a branch instruction which will stop the program if the branch was taken or not (#1799)
  • plist ... can be used to print linked lists (#1795, #1817)
  • mmap ... and mprotect ... commands will invoke the mmap or mprotect syscalls with given arguments in the debugged program
    • note: this works by assembling a shellcode for the syscall call, placing the code on current PC/IP address, executing the syscall and reverting back the register and memory changes made
  • thread command to display threads information
  • hi command to check if an address belongs to a glibc heap chunk (#1938)
  • tips to display tips about Pwndbg usage
  • sigreturn <address> to print sigreturn x86-64 frame (#1940)

Changed commands:

  • Added telescope --frame to display stack frame information (requires BP and SP to point to the same memory region) (#1855)
  • Glibc heap commands now also print real chunk size (#1748)
  • Added spray --only-funcptrs | -x flag to spray only the memory addresses where values point to executable memory pages (#1809)
  • Added -A <N> and -B <N> flags to vmmap to display N entries after/before the filtered page (#1810)
  • The linux kernel memory pages figured out by gdb-pt-dump can now be filtered in vmmap (they have unique names) (#1837)
  • Added new arguments/options to the search memory command (#1867)
  • telescope output can now show frame pointer offsets (#1925)
  • distance <single-address> now prints offset from memory page start address (#1926)
  • Added stack -i | --inverse to show stack in reverse order (#1978)
  • Added new positional argument to cyclic command to save its output to file (so it can later be used, e.g. as run < input) (#2009)

Detailed changelog (from git log)

Read more

Contributors

anthraxx, patryk4815, and 37 other contributors
Loading

2023.07.17 packages (debian10-final, ubuntu18.04-final)

05 Oct 12:34
@disconnect3d disconnect3d
2023.07.17-pkgs
72ab4aa

Choose a tag to compare

View all tags
2023.07.17 packages (debian10-final, ubuntu18.04-final)

This is the 2023.07.17 release but which contains packages for various distributions (Debian-like using dpkg, RHEL-like using yum/rpm, Arch Linux and Alpine (.apk)).

The packages are totally self-contained: they include all what you need to run GDB+Pwndbg after installation.
They do not rely on any dependencies and are build in (hopefully) reproducible way using Nix package manager.

Please ignore the 'source code' attached, it is fr later commit than 2023.07.17. The packages were build from the 2023.07.17 version.

Loading