
JDBG is a powerful Java debugger and reverse engineering tool that operates at runtime. It is attachable and is not limited by agent restrictions.
JDBG leverages an injected DLL along with JNI and JVMTI to provide deep insight into Java applications.
Features
- Class Analysis
  - Analyse decompiled classes at runtime
  - Analyse method bytecode and field definitions at runtime
  - Add classes to object analysis
  - Dynamically set breakpoints in bytecode
  - Inspect the stack trace
  - Inspect local variable values
  - Planned features
    - Bytecode instrumentation and class redefinitions
    - Static variable modification
    - Static field watching
    - Local variable modification for breakpoints
    - Add object from stack in breakpoint to object analysis
- Object Analysis
  - Add classes to object workspace
  - View all instances of a class
  - Apply filters using the Exprtk C++ library to obtain relevant objects
    - Filters support recursive searches, e.g. obj.field1.field2 > 3 or 'hello' in obj.field1
    - Planned support for arrays
  - Observe object values (such as strings) and fields
  - Generate graphs based on the heap relationships of objects
  - Obtain pointer paths to specific objects, useful in determining classes from which they originate (especially for strings)
  - Planned features
    - Set field values
How to use
To use JDBG, you must have a JVM running Java 17 or higher.
Building it yourself
The Java client is built in IntelliJ, while the DLL is built in Visual Studio. To build the DLL, you must add the /includes of your JDK to the include path (for things like jni.h and jvmti.h). You must also have the Boost library for C++ installed.
You must add the DLL to the /assets folder of the client. Furthermore, you must build the JDBG 32bit Helper executable and add it to the assets folder of the client.
- The reason for this is to get the proper base address of kernel32.dll and LoadLibrary for 32-bit applications.