Full featured multi arch/os debugger built on top of PyQt5 and frida
What is Dwarf
As the title suggest, dwarf is a debugger, built on top of various frameworks and logics to simplify my life in reverse engineering tasks. In the beginning, it was an experiment and a first approach to PyQt in the attempt to give an ui to frida. It was mainly designed to work on Android but later, with a small effort, the support for iOS has been added with ease thanks to the fact they share the same arch. Nowadays, mainly thanks to the community effort and the sure fact that open-source is the path (and of course to the power of frida), Dwarf can debug on any operating system as a target and run on any desktop operating system (thanks to PyQt).
Why you shouldn’t use Dwarf:
In the “reverse engineering” scene there are a lot of context in which a debugger could be used. All the features has been coded and tested on different scenarios and thanks to the community (and a lot of if else) it handle most of the cases, but not all of them. You could meet issues, and probably you will have to patch some code.
if you are looking for something that gives you magic powers without the necessary environment, this is not the case and you should switch to another tool. Dwarf is coded also to give some space to work with an unrooted Android (in example), but most of the features would just not work. Most of the effort has been spent into bringing compatibility for Windows, aka.. all paths bring to Rome, but linux is the best vehicle.
Why you should give it a try:
- because I’m sure you could find one of the features very useful for the reason that takes you here.
- it’s open-source
- it’s built on top of the best technologies in terms of reverse engineering frida, capstone, keystone, apktool, and so on
- the guys behind the scenes are always up on slack ready to discuss new stuffs to implement
- because it kick asses