OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable. OllyDbg is a shareware, but you can download and use it for free. Special Highlights are:
*Intuitive user interface, no cryptical commands
*Code analysis - traces registers, recognizes procedures, loops, API calls, switches, tables, constants and strings
*Directly loads and debugs DLLs
*Object file scanning - locates routines from object files and libraries
*Allows for user-defined labels, comments and function descriptions
*Understands debugging information in Borland® format
*Saves patches Between sessions, writes them back to executable file and updates fixups
*Open architecture - many third-party plugins are available
*No installation - no trash in registry or system directories
*Debugs multithread applications
*Attaches to running programs
*Configurable disassembler, supports both MASM and IDEAL formats
*MMX, 3DNow! and SSE data types and instructions, including Athlon extensions
*Full UNICODE support
*Dynamically recognizes ASCII and UNICODE strings - also in Delphi format!
Recognizes complex code constructs, like call to jump to procedure
*Decodes calls to more than 1900 standard API and 400 C functions
*Gives context-sensitive help on API functions from external help file
*Sets conditional, logging, memory and hardware breakpoints
*Traces program Execution, logs arguments of known functions
*Shows fixups
*Dynamically traces stack frames
*Searches for imprecise commands and masked binary sequences
*Searches whole allocated memory
*Finds references to constant or address range
*Examines and modifies memory, sets breakpoints and pauses program on-the-fly
*Assembles commands into the shortest binary form
*Starts from the floppy disk