Cyber Security Academy · Lesson

Dynamic Analysis with GDB and pwndbg

Set breakpoints, inspect memory, trace syscalls, and automate GDB sessions with pwndbg.

What is Dynamic Analysis?

Dynamic analysis runs a binary and observes its behavior in real-time: memory contents, register values, system calls, network connections. Complements static analysis (Ghidra) by showing actual runtime values and control flow.

GDB Basics

GDB (GNU Debugger) is the standard Linux debugger:

gdb ./vuln              # load binary
gdb -p 1234             # attach to running process
run [args]              # start execution
break main              # set breakpoint at main
continue (c)            # continue execution
next (n)                # step over
step (s)                # step into

All lessons in this course

Ghidra: Navigating and Annotating Binaries
x86/x64 Assembly Essentials for Reversers
Dynamic Analysis with GDB and pwndbg
Deobfuscation and Anti-Analysis Tricks

← Back to Cyber Security Academy