Live Stream VOD: Building A Debugger From Scratch - TrashDBG Part 5 (Patreon)

In this Twitch stream we continue to build a debugger from scratch. The purpose of building a debugger is to gain a better understanding of how debuggers work and how the general Windows debugging process works under the hood.

In this part we complete the following work:

• Implement CREATE_PROCESS_DEBUG_EVENT
• Build an automated dumper for x86 VMProtect malware

The code is open source and posted on our GitHub: TrashDBG

The VMProtect sample we dump is a HackingTeam implant called Soldier that we analyzed in a previous stream.

All coding of the debugger is done live on stream so we can work through the challenges together as a team. Difficult challenges are documented as Issues and everyone is encouraged to add suggestions for Issues we encounter.