OllyDbg was added by azrael-sub7 in Jun 2009 and the latest update was made in Oct 2018. The list of alternatives was updated Dec 2019. OllyDbg is not available for Mac, but there are some alternatives that run on macOS with similar functionality. The most popular Mac alternative is IDA. It's not free, so if you're looking for a free alternative, you could try Ghidra or radare2.
OllyDbg is a 32-bit disassembler/debugger for Microsoft Windows binary files. It is shareware and it is available here. The goal today is to provide a tour of OllyDbg and how the tool can be used in reverse engineering software or malware.
Download the zip file or clone. Extract the file to C:\OllyDbg (or any other place you want).
Read this for quick start. Consult help file for details and more features.
Installation is not necessary. Create new directory and unpack odbg110.zip - now you can start!
Pop-up menus display only items that apply. Frequently used menu functions:
Function | Window | Menu command | Shortcut |
Edit memory as binary, ASCII or UNICODE string | Disassembler, Stack, Dump | Binary|Edit | Ctrl+E |
Undo changes | Disassembler, Dump / Registers | Undo selection / Undo | Alt+BkSp |
Run application | Main | Debug|Run | F9 |
Run to selection | Disassembler | Breakpoint|Run to selection | F4 |
Execute till return | Main | Debug|Execute till return | Ctrl+F9 |
Execute till user code | Main | Debug|Execute till user code | Alt+F9 |
Set/reset INT3 breakpoint | Disassembler / Names, Source | Breakpoint|Toggle / Toggle breakpoint | F2 |
Set/edit conditional INT3 breakpoint | Disassembler / Names, Source | Breakpoint|Conditional / Conditional breakpoint | Shift+F2 |
Set/edit conditional logging breakpoint (logs into the Log window) | Disassembler / Names, Source | Breakpoint|Conditional log / Conditional log breakpoint | Shift+F4 |
Temporarily disable/restore INT3 breakpoint | Breakpoints | Disable / Enable | Space |
Set memory breakpoint (only one is allowed) | Disassembler, Dump | Breakpoint|Memory, on access / Breakpoint|Memory, on write | |
Remove memory breakpoint | Disassembler, Dump | Breakpoint|Remove memory breakpoint | |
Set hardware breakpoint (ME/NT/2000 only) | Disassembler, Dump | Breakpoint|Hardware (select type and size!) | |
Remove hardware breakpoint | Main | Debug|Hardware breakpoints | |
Set single-shot break on access to memory block (NT/2000 only) | Memory | Set break-on-access | F2 |
Set break on module, thread, debug string | Options | Events | |
Set new origin | Disassembler | New origin here | |
Display list of all symbolic names | Disassembler, Dump / Modules | Search for|Name (label) / View names | Ctrl+N |
Context-sensitive help (requires external help file!) | Disassembler, Names | Help on symbolic name | Ctrl+F1 |
Find all references in code to selected address range | Disassembler / Dump | Find references to|Command / Find references | Ctrl+R |
Find all references in code to the constant | Disassembler | Find references to|Constant / Search for|All constants | |
Search whole allocated memory | Memory | Search / Search next | Ctrl+L |
Go to address or value of expression | Disassembler / Dump | Go to|Expression / Go to expression | Ctrl+G |
Go to previous address/run trace item | Disassembler | Go to|Previous | Minus |
Go to next address/run trace item | Disassembler | Go to|Next | Plus |
Go to previous procedure | Disassembler | Go to|Previous procedure | Ctrl+Minus |
Go to next procedure | Disassembler | Go to|Next procedure | Ctrl+Plus |
View executable file | Disassembler, Dump, Modules | View|Executable file | |
Copy changes to executable file | Disassembler | Copy to executable file | |
Analyse executable code | Disassembler | Analysis|Analyse code | Ctrl+A |
Scan object files and libraries | Disassembler | Scan object files | Ctrl+O |
View resources | Modules, Memory | View all resources / View resource strings | |
Suspend/resume thread | Threads | Suspend / Resume | |
Display relative addresses | Disassembler, Dump, Stack | Doubleclick address | |
Copy | Most of windows | Copy to clipboard | Ctrl+C |
Ctrl+F2 | Restart program |
Alt+F2 | Close program |
F3 | Open new program |
F5 | Maximize/restore active window |
Alt+F5 | Make OllyDbg topmost |
F7 | Step into (entering functions) |
Ctrl+F7 | Animate into (entering functions) |
F8 | Step over (executing function calls at once) |
Ctrl+F8 | Animate over (executing function calls at once) |
F9 | Run |
Shift+F9 | Pass exception to standard handler and run |
Ctrl+F9 | Execute till return |
Alt+F9 | Execute till user code |
Ctrl+F11 | Trace into |
F12 | Pause |
Ctrl+F12 | Trace over |
Alt+B | Open Breakpoints window |
Alt+C | Open CPU window |
Alt+E | Open Modules window |
Alt+L | Open Log window |
Alt+M | Open Memory window |
Alt+O | Open Options dialog |
Ctrl+T | Set condition to pause Run trace |
Alt+X | Close OllyDbg |
F2 | Toggle breakpoint |
Shift+F2 | Set conditional breakpoint |
F4 | Run to selection |
Alt+F7 | Go to previous reference |
Alt+F8 | Go to next reference |
Ctrl+A | Analyse code |
Ctrl+B | Start binary search |
Ctrl+C | Copy selection to clipboard |
Ctrl+E | Edit selection in binary format |
Ctrl+F | Search for a command |
Ctrl+G | Follow expression |
Ctrl+J | Show list of jumps to selected line |
Ctrl+K | View call tree |
Ctrl+L | Repeat last search |
Ctrl+N | Open list of labels (names) |
Ctrl+O | Scan object files |
Ctrl+R | Find references to selected command |
Ctrl+S | Search for a sequence of commands |
Asterisk (*) | Origin |
Enter | Follow jump or call |
Plus (+) | Go to next location/next run trace item |
Minus (-) | Go to previous location/previous run trace item |
Space ( ) | Assemble |
Colon (:) | Add label |
Semicolon (;) | Add comment |
Each build is pre-tailored for specific tasks.
OllyDbg BoomBox [Modification]
Author: BoomBox
Another OllyDbg modification, changed mainly for aesthetic reasons, in an XP-style format.
Download: Odbg110_BoomBox.rar
Author: Esp!oN Le rAvaGe
Some useful extras are included, such as scripts and plugins.
Download: OllyDBG_CiM's_Edition.rar
Author: KOrUPt
Improvements include added stealth capabilities and improved visuals along with a few other tweaks.
Download: OllyDbg_Dark_Olly.rar
Author: Diablo
It mainly has a few aesthetic changes to the layout, plus it includes all the basic plugins and scripts to get a first-time user up and running.
Download: Odbg110_Diablo's_Edition.rar
Author: Angel-55
This version of OllyDbg is modded to be undetectable by protectors or protecting formulas; it is fast and comes with the most needed plugins for everyday cracking! A few fixes were done, some were reported by the users; thanks to them, some changes in code for hiding, and of course speed is as always even or better. A DLL loader was added since the first version hadn't one; added plugins and updated some old versions with newer ones. Most important to note: I added a new plugin manager to this package that works on DeFixed only; now, instead of deleting your plugins, you can easily choose which to disable and which to use, and return them back too without any problem.
Download: Odbg110_FOFF_Team_Edition_v2.0.rar
Author: Sacrafice
HanOlly.exe + HanOlly.dll - [Themida 1.9.5.0]
- This is a custom Olly and Plugin that defeats Themida 1.9.5.0 Anti-Debugger checks.
- Olly is modified the least amount possible, only bypasses debugger checks, and nothing more, very close to original 'clean' olly.
Download: Odbg110_HanOlly.rar
Author: Life Engines
This tool lets you debug a client process as a normal process; you can use a normal debugger (e.g. OllyDbg) to debug the parent process at the same time.
Download: Odbg110_LifeODBG_v1.4.rar
Author: Unknown Author
A version of OllyDbg specifically modified to allow debugging of Themida protected applications.
Download: Odbg110_9in1_for_Themida.rar
Author: Shadow
Apart from a couple of aesthetic modifications Shadow's Olly modification has quite a few bug fixes and changes. Not much is known about exactly what changes have been made but it is regarded as being one of the better modified OllyDbg versions available.
Download: Odbg110_Shadow.rar
Author: Unknown Author
A version of OllyDbg specifically modified to allow debugging of VMProtect protected applications.
+ latest version of StrongOD
Download: OllyDBG_VMP_Edition.rar
Author: WiKiNG
Another modified version of OllyDbg 1.10.
Download: Odbg110_YPOGEiOS.rar
Author: DeRoX
- New look
- Modified code for almost perfect hiding
- Modified code for expanded windows
- Modified code for %s overflow RCE exploit
- Modified code to make symbols load properly
- OllyDRX Plugin Patcher
Download: Odbg110_OllyDRX_Lite.rar
Author: Shaddy
Portable version. No configuration needed.
Download: Odbg110_Portable_OllySnD.rar
Author: phpbb3
OllyDbg modded for ExeCryptor & THEMIDA
- Adds the ability to delete all breakpoints (Remove all breakpoints)
- Auto path UDD & plugin
- Reference search directly from the toolbar
- Show offset in status bar
- Amendment to show the number of additions to the list
- Additions located
Download: Odbg110_RAMOllyDBG_v1.1.rar
Author: Sabre
This version has been modded to work with Themida and EXECryptor. It also has cosmetic changes to make the design and layout of OllyDbg more appealing.
Plugins and scripts provided in the archive for use on the above mentioned protectors.
Download: Odbg110_Sabre-Gold_Edition.rar
Author: Unknown Author
Download: Ollydbg_The0DBG.rar
Author: AnTiCDLoCK
A nice modification of the original OllyDbg 1.10 engine. Contains: a quick breakpoint feature, common and popular plugins, a toolbar, extra features and slight visual changes.
Download: Odbg110_UST_2bg.rar