Getting cozy with the Linux command-line debugger – GDB

These days, GDB is included with Kali, so firing it up is easy; just use the following command:

# gdb

There are a lot of commands available in GDB categorized by class, so it's recommended that you review the GDB documentation offline to get a better idea of its power. We'll be looking at other debuggers later on, so we won't spend a lot of time here. Let's look at the basics.

  • You can load an executable by simply passing the name and location of the file as an argument when running gdb from the command line. You can also attach GDB to an existing process with --pid.
  • The info command is a powerful window into what's going on behind the scenes. info breakpoints lists and describes the breakpoints you have set: specific locations in the code where execution stops so you can examine the program and its environment. info registers is important during any stack analysis, as it shows us the state of the processor's registers at a given moment. Use it together with break to monitor how register values change as the program runs.
  • list will show us the source code, if it's included. We can then set breakpoints based on positions in the source code, which is extremely handy.
  • run tells GDB to run the target; you pass arguments to run as you would to the target outside of GDB.
  • x simply means examine, and it lets us peek inside memory. We'll use it to examine a set number of addresses beyond the stack pointer. For example, to examine 45 words past the stack pointer ESP, displayed in hexadecimal, we would issue x/45x $esp.
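As an added example (not from the book), the whole workflow above scripted in a shell: it constructs a tiny target program whose command-line argument is copied into a stack buffer, then drives GDB in batch mode with the same commands you would type interactively (list, break on a source line, run with an argument, info registers, x on the stack pointer). It assumes gcc and gdb are installed; $sp is GDB's portable alias for the stack pointer, so it stands in for $esp on a 64-bit box.

```shell
# Added example (not from the book): a scripted GDB session for the workflow above:
# load a target, break on a source line, run with an argument, info registers,
# x/Nx $sp. Assumes gcc and gdb are installed; target and input are constructed here.
set -eu
WORK=$(mktemp -d)
# Constructed target: copies argv[1] into a stack buffer so a recognisable
# pattern is on the stack when the breakpoint hits.
cat > "$WORK/target.c" <<'EOF'
#include <stdio.h>
#include <string.h>
void fill(const char *s) {
    char buf[32];
    strncpy(buf, s, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    puts(buf);                /* line 7: breakpoint goes here */
}
int main(int argc, char **argv) {
    fill(argc > 1 ? argv[1] : "nothing");
    return 0;
}
EOF
# GDB commands, one per line, as you would type them interactively.
# $sp is GDB's portable alias for the stack pointer ($esp on 32-bit, $rsp on 64-bit).
cat > "$WORK/session.gdb" <<'EOF'
list fill
break target.c:7
run AAAAAAAAAAAAAAAAAAAAAAAA
info registers
x/32x $sp
continue
quit
EOF
# -g keeps source lines for list/break, -O0 keeps buf on the stack.
build_target() {
    gcc -g -O0 -o "$WORK/target" "$WORK/target.c"
}
# -batch exits after the last command, -q drops the banner; stderr is merged in.
gdb_session() {
    gdb -q -batch -x "$WORK/session.gdb" "$WORK/target" 2>&1 || true
}
# Returns 0 when the breakpoint hit, the register dump and the 0x41 ('A')
# pattern past the stack pointer are all visible in the session output.
session_ok() {
    build_target
    out=$(gdb_session)
    printf '%s\n' "$out" | grep -q 'Breakpoint 1, fill' &&
    printf '%s\n' "$out" | grep -qE '^(rip|eip|pc) ' &&
    printf '%s\n' "$out" | grep -qi '41414141'
}
```

Run session_ok and read the output: the 'A' bytes show up as 0x41414141 words a few lines past $sp, which is exactly what the x command is for when you are working out where your input lands on the stack.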