k4lizen

Improving Documentation

The documentation in pwndbg is currently lacking and there are multiple facets that could be improved. The README itself could be made shorter with sections being factored out to their own documents/pages accessable via the https://pwndbg.re/ website. Both the https://pwndbg.re/ landing page and https://pwndbg.re/pwndbg/ are generated from the README, using different workflows - they should be merged into one. There are also some bugs like markdown not being rendered properly in certain sections.

The commands page (generated from here) should be combed through so that any missing commands are added or outdated commands updated. Ideally the page should be reworked to show the same help that is shown in the debugger (defined in the command source code and thus always up-to-date) and additionally have longer explanations, common use-cases and examples (sometimes with pictures). Simple examp

k4lizen

Adding mallocng support to pwndbg

Pwndbg has support for visualizing the allocator state of glibc malloc. This feature has evolved over the years and is currently in a really good place UX-wise, providing many useful ways to perform allocator inspection.

My GSoC 2025 project was about adding support for visualizing the state of the allocator that musl uses. In particular, the "new" allocator implementation: mallocng (released around 2020).

The journey

Glibc malloc is not the only allocator that Pwndbg supports. In userspace, jemalloc is supported (the implementation comes from a previous GSoC!) and in kernel space the linux SLUB allocator is supported. The current Pwndbg design essentially completely separates the allocator implementations. They track state separately, are invoked by separate commands, and controlled by separate configu