Fun fact: you can attach to the gdbserver exposed by #rr and do #TimeTravelDebugging from #Ghidra :)

UX is similar to ret-sync.

@buherator looks like you are using rr on windows. Does this work well? I tried to get ttd to work a remote windows target in the past using windbg but gave up.

@twomikecharlie This is still Linux, I'm debugging loadlibrary: https://github.com/taviso/loadlibrary/

@twomikecharlie On Windows I'd just use WinDbg's TTD (or REVEN).

@buherator ok, ic. Do you have a similiar setup with WinDBG instead of rr? So remote debugging a windows target from Ghidra or other RE tool with TTD?

@twomikecharlie I haven't used WinDbg TTD in a remote setup, so idk if that works. With esReverse (formerly REVEN) you can do full-system TTD with Windows targets:

https://eshard.com/esreven

@buherator thxinfo. unfortunately esReverse/reven is out of my reach, since I don't look at enough win binaries to have a business case.

@twomikecharlie If that helps I think it supports multiple OS's but it's been a while since I used it.