“Scout” is an extendable basic debugger that was designed for use in those cases that there is no built-in debugger / gdb-stub in the debugee process / firmware. The debugger is intended to be used by security researchers in various scenarios, such as:
Collecting information on the address space of the debuggee – recon phase and exploit development
Exploring functionality of the original executable by accessing and executing selected code snippets
Adding and testing new functionality using custom debugger instructions
We have successfully used “Scout” as a debugger in a Linux Kernel setup, and in an embedded firmware research, and so we believe that it’s extendable API could prove handy for other security researchers in their research projects.