PyQBDIPreload consists of two main components:

  • The QBDIPreload script included in the PyQBDI library. It will load the Python runtime and execute the user script in order to instrument the target.

  • An injector script called that sets up the environment variables to inject the library and the Python runtime.


PyQBDIPreload has the same limitations as QBDIPreload and PyQBDI.

User callback

pyqbdipreload_on_run(vm: pyqbdi.VM, start: int, end: int)

This function must be present in the preloaded script

  • vm (VM) – VM Instance

  • start (int) – Start address of the range (included).

  • end (int) – End address of the range (excluded).

QBDIPreload steps

qbdipreload_on_start() and qbdipreload_on_premain() are not available on PyQBDIPreload.

The Python interpreter and the preloaded script are loaded while executing qbdipreload_on_main().

The pyqbdipreload_on_run() method is called while executing qbdipreload_on_main().

The interpreter is shut down while executing qbdipreload_on_exit(), after calling all the registered methods of atexit module.

PyQBDIPreload script

You can use as follows:

$ python3 -m pyqbdipreload <script> <target> [<args> ...]


  • script: The Python script

  • target: The binary you are targeting

  • args: Argument(s) to be passed to the binary (if any)