The number one request this month was "Please implement a Python shell so I can write scripts and play with immlib features on the fly!". This is now done. Enjoy! Next to that we continued our efforts to improve the overall debugging experience with two new libraries, libstackanalyze and Ero's Carrera pefile and two new scripts: searchcrypt and stackvar. The Immunity Debugger engine has also undergone changes to improve reliability issues, fix reported memleaks and remove some well-know bugs used for packers such as the printfloat format error (a.k.a the FLD bug). Keep in mind we still have a contest going for the best Immunity Debugger script. The winner gets a free SILICA! Get more details from .
We hope you enjoy this month's release. You can upgrade your current Immunity Debugger by going to Help/Update or directly downloading from

Feedback, Requests, and Cool Screenshots are always welcomed at
Team Immunity
PS: If you are a company, and you are looking for a person
with the right skills, try our ID Job Advertisement program:

1.1 Build 0
August 30, 2007

New Features:

o Interactive Python Shell added
o Lookaside enhanced output + Discovery option
o libdatatype "Get" Function
o Get OS information methods
o Ero Carrera's (
o Python engine rewritten to properly use thread locking/unlocking
o Added ignoreSingleStep method for immlib (TRANSPARENT + CONVENTIONAL)
o Attach process window is now dynamically searchable
o Added clean ID memory methods inside immlib
o Added Stack analyzation library (libstackanalyze)
o Fixed some memleak on Disasm
o Fixed wrong arguments on Disasm operand
o Improved Patch command
o Safeseh moved into a PyCommand

New Scripts:

o searchcrypt PyCommand
o stackvars PyCommand

Bug Fixes:

o Solved 'ij' issue inside attach window
o Fixed VCG parser (Blocks display complete address now)
o Fixed traceback error when trying to graph and not attached
o Fixed printfloat() format error
o Fixed ret value of Getaddrfromexp in case of non-existing expression