Android Patchwork: Convincing Apps to Do What You Want Them To

DerbyCon 6.0 - Recharge

Presented by: Billy McLaughlin
Date: Friday September 23, 2016
Time: 14:30 - 14:55
Location: Pimlico
Track: Stable Talks

For better or worse, Java applications are all over the place. Our favorite cross-platform nightmare can be seen basically everywhere, powering all types of software. We can observe it in the wild running at the heart of an Android application, acting as the backend of a web application, and sometimes even pretending to be a desktop application. The popularity of Java means we, as security professionals, need to be able to understand and dissect Java applications effectively. An essential tool in accomplishing this is a powerful debugger. When it comes to Java, many Integrated Development Environments (IDEs) come bundled with a debugger. These include NetBeans, Eclipse, and IntelliJ IDEA. However, a command line user will find options limited. A popular choice is jdb, the Java DeBugger. jdb is a command line debugger created as a demonstration of the Java Platform Debugger Architecture (JPDA). Basically, it's a proof of concept that has kinda become the standard for command line Java debugging. This isn't ideal. As such, I've set out to make a better Java debugger. Starting where Oracle left off, I have been aiming to bring jdb up to the level of other powerful debuggers by implementing some much-needed functionality. Functionality such as command history, tab completion, more intuitive keybindings, and various other features suggested by fellow security professionals. This talk focuses on my work so far, and my continuing work, on the path to making the jdb dream come true.

Billy McLaughlin

Billy McLaughlin is an Associate Security Analyst for Independent Security Evaluators, where he is challenged with assessing security implementations for Fortune 500 companies including DRM and cryptographic systems, and secure configurations/development for mobile and web applications. Mr. McLaughlin holds a dual B.S. in Computer Science and Computer Security and is pursuing an M.S. in Computer Science, both at East Stroudsburg University of Pennsylvania. Security was a hobby during his years as a student, and it has evolved into a profession.

