OllyDbg and Learning Reverse Engineering Safely
If Sysinternals shows you what is running, OllyDbg shows you what a program is thinking — one x86 instruction at a time. In 2008 it is the standard debugger for 32-bit Windows binaries: unpack a crackme, trace a malware sample in a lab, or understand why an installer behaves oddly when the vendor will not answer support calls. OllyDbg 1.10 is the version most people use. It is freeware, debugger-only (no disassembler license debates), and extensible with plugins. ...