A debugger gives you the ability to control/modify the behavior of the process while it is executing. The two important capabilities offered by a debugger are: (a) the ability to control execution, and (b) the ability to interrupt execution (using breakpoints). Using a debugger, you can execute one or more instructions (or select functions) before returning control to the debugger. During analysis, you will combine both the debugger's controlled execution and the interruption (breakpoint) feature to monitor a malware's behavior. In this section, you will learn about the common execution control functionalities offered by the debuggers; in later sections, you will learn how to use these features in IDA Pro ...