docs: readme
ndrewh committed Jul 9, 2024
1 parent 70abb3a commit 4e33f6f
Showing 1 changed file with 7 additions and 15 deletions.
22 changes: 7 additions & 15 deletions README.md
Expand Up @@ -9,7 +9,7 @@ going through GDB or ptrace.


Features:
- **Asynchronous Breakpoints/Hooks**: Inspect and modify registers
- **Breakpoints/Hooks**: Inspect and modify registers
and memory at any instruction.
- **Redirect execution**: Hooks can directly modify the program
counter; for example, to cause a function to return early or to
Expand All @@ -25,11 +25,11 @@ in the same address space as the target.
- **Graceful multithreading**: All threads share the same Python interpreter
(including globals), making it easy to write tools that
aggregate over several threads. Unlike GDB/ptrace, which suspends *all* threads
when *any* thread reaches a breakpoint, Pyda hooks execute asynchronously[*](#how-it-works)
and do not interrupt other threads.
when *any* thread reaches a breakpoint, Pyda hooks do not interrupt
other threads[*](#how-it-works).


It is intended to fufill many of the same use-cases as debuggers (e.g. GDB/Pwndbg),
Pyda is intended to fufill many of the same use-cases as debuggers (e.g. GDB/Pwndbg),
or complex dynamic instrumentation frameworks (Frida, Dynamorio, DynInst, PIN, etc.).
It was designed with CTF challenges (pwn/rev) in mind.

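Review bot: The rewritten sentence "Pyda is intended to fufill many of the same use-cases" still carries the typo "fufill"; since this line is being touched anyway, change it to "fulfill". The unchanged line below it spells the framework "Dynamorio", while the project's name is DynamoRIO. With "execute asynchronously" dropped, the footnote marker `[*](#how-it-works)` now qualifies "do not interrupt other threads", so check that the section it links to still explains that caveat.
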
Expand Down Expand Up @@ -80,20 +80,12 @@ return address: 0x7f3c50420d90

See [examples/](examples/) for additional examples.

Current features:
-----
- Hooks (aka "breakpoints" if you prefer) at arbitrary instructions
- Syscall pre/post hooks
- Read and write memory
- Read and modify registers
- Supports multithreaded programs

## Limitations
- Currently Linux only
# Limitations
- Currently Linux only (please contribute Windows support!)
- Currently X86_64 only (please contribute ARM64 support!)
- All of the limitations of Dynamorio apply. The program must be reasonably well behaved.
- Some state may be shared with the target process; while Dynamorio
attempts to isolate our libc from the target, OS structures (e.g. fds)
attempts to isolate our libc (and other libraries) from the target, OS structures (e.g. fds)
are shared.

## Getting started
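
Review bot: The heading changes from `## Limitations` to `# Limitations`, but the following section is still `## Getting started`, so Limitations becomes a top-level heading and Getting started nests beneath it; keep `##` unless the promotion is intended. The removed "Current features" list named syscall pre/post hooks, which do not appear in the part of the Features list visible in this diff, so confirm they are still documented there before dropping the list.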