Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creation, and a large and well supported Python API for easy extensibility.
A debugger with functionality designed specifically for the security industry
Cuts exploit development time by 50%
Simple, understandable interfaces
Robust and powerful scripting language for automating intelligent debugging
Lightweight and fast debugging to prevent corruption during complex analysis
Connectivity to fuzzers and exploit development tools
The Best of Both Worlds
Immunity Debugger's interfaces include the GUI and a command line. The command line is always available at the bottom of the GUI. It allows the user to type shortcuts as if they were in a typical text-based debugger, such as WinDBG or GDB. Immunity has implemented aliases to ensure that your WinDBG users do not have to be retrained and will get the full productivity boost that comes from the best debugger interface on the market.
Commands can be extended in Python as well, or run from the menu-bar.
Just copied a section from there web site check it out,The main thing is that you can write your own python plugin's.I've also uploaded some python plugin's that have been wrote by people in the openrce comunity.Great tool for any one that is into exploit development.Alot like olldbg but with a few bug fix's,The main thing's is it's completely free.
http://www.immunitysec.com/products-immdbg.shtml
================================================
Plugin's that have been created so far are listed below.
1).!ASLRdynamicbase.py
The ASLRdynamicbase.py PyCommand will inspect each loaded module, and report whether the PEHeader contains the relevant information indicating it is compatible with Vista's ASLR implementation (DLLCharacteristics). It is interesting to note some of the Microsoft Office 2007 modules, Groove in particular, have not be compiled with the /dynamicbase option set. The same goes for the Apple Bonjour service DLL installed with Safari for Windows 3.0, providing a nice, stable set of opcodes within the svchost.exe processes that also houses many RPC interfaces.
Install by copying this file into the PyCommands\ folder, and from within the running debugger issue the !ASLRdynamicbase command.
2).Findtrampoline.py
Findtrampoline.py is a simple Immunity Debugger 'PyCommand' script. It finds a suitable trampoline to the chosen register. These could be suitable addresses to use in overwriting the saved return address, when exploiting a classic stack overflow.
This is similar functionality to eEye's findjmp and Metasploit's msfpescan tools.
Install by copying this file into the PyCommands\ folder, and from within the running debugger issue the !findtrampoline <register> command. It will search for the basic jmp, call and push/ret combinations to direct execution into a register which points to our shellcode.
3).!funcdump.py
Some here may be interested in my first extension PyCommand script for the Immunity Debugger. funcdump.py allows a quick and clean report of the functions found within the loaded module. funcdump is designed to handle correctly those PE's which do not load at 0x00400000 in process address space.
I've realised it's handy having a window at the side recording all functions, and by simply highlighting and pressing Enter or double clicking the analyst can jump to the required function.
Installation simply involves copying the funcdump.py script into the PyCommands folder, and then issuing the !funcdump command within the debugger itself. I used this as an learning introduction to ID's Python API, and I look forward to seeing further extensions from this community.
All of these can be found in the zip file posted below.