A lightweight, command-line debugger for Linux x86_64 binaries.
Built with ptrace and pseudo-terminals, KerBug allows you to single-step through programs, inspect registers, and interact with the target process’s standard input/output.
KerBug is a minimalistic debugger designed for educational purposes and low-level system programming exploration. It demonstrates core debugging concepts such as:
- Process tracing using
ptrace - Register inspection (RIP, RSP, RBP, RDI, RSI)
- Instruction-level single-stepping
- Interaction with debugged processes via pseudo-terminals (PTY)
- Dynamic attachment using
PTRACE_ATTACHandSIGSTOP
The project is intended as a learning tool for understanding how debuggers work internally.
- Step-by-step execution of instructions
- Inspect CPU registers
- Attach to running processes
- Interact with program input/output
- Simple and extensible command-line interface
- Linux (x86_64)
g++(GCC)- Standard development libraries
g++ -o kerBug kerBug.cpp -lutilExample:
./kerBug ...after it runs enter the binary-path (e.g. /home/user/testprogram) 
- System programmers curious about debugger internals
- Students learning Linux process control and ptrace
- Security researchers exploring binary analysis tools
- Hobbyists building custom debugging tools
- Language: C++ (C++11/14)
- Platform: Linux x86_64
- Interface: Command-line
- Core APIs: ptrace, waitpid, fork, execve, pty
Created by: Fabio Baensch GitHub: KernelPhantom-010
This project is intended for educational and research purposes only.
Do not use this software to inspect or manipulate processes without proper authorization.
Unauthorized use may violate local laws and regulations.
The author assumes no liability for any misuse of this tool.