reddit hackernews mail facebook facebook linkedin


A modern experience for GDB with advanced debugging capabilities.

GEF (pronounced ʤɛf - "Jeff") is a set of commands for x86/64, ARM, MIPS, PowerPC and SPARC to assist exploit developers and reverse-engineers when using old school GDB. It provides additional features to GDB using the Python API to assist during the process of dynamic analysis and exploit development. Application developers will also benefit from it, as GEF lifts a great part of regular GDB obscurity, avoiding repeating traditional commands, or bringing out the relevant information from the debugging runtime.

A few of GEF features include:
- One single GDB script
- Entirely architecture agnostic, NO dependencies: GEF is battery-included and is installable instantly
- Fast limiting the number of dependencies and optimizing code to make the commands as fast as possible
- Provides a great variety of commands to drastically change your experience in GDB.
- Easily extensible to create other commands by providing more comprehensible layout to GDB Python API.
- Full Python3 support (Python2 support was dropped - see gef-legacy).
- Built around an architecture abstraction layer, so all commands work in any GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC, MIPS, PowerPC, etc.
- Suited for real-life apps debugging, exploit development, just as much as CTF