How x86 Jumps REALLY Work: EFLAGS Truth with GDB + pwndbg

All x86 conditional jumps (ja, jb, je, etc.) are triggered by EFLAGS — not by syntax or code order. Hands-on with GDB and pwndbg to see exactly which flag fires each branch.

July 11, 2025
Harrison Guo
Video by: HarrisonSecurityLab
Published on YouTube: 2025-07-11
x86 Assembly GDB pwndbg Reverse Engineering Malware Analysis EFLAGS

Real reverse engineers know: every x86 conditional jump is decided by EFLAGS bits — ZF, SF, CF, OF — not by what your source code looked like. This short demonstration uses GDB + pwndbg to make the flags visible while stepping through a hand-crafted instruction sequence.

If you’ve ever wondered why a jge fires when you expected a jl, the answer is always in the flag register.

🎧 More Ways to Consume This Content

Read the Blog Post HarrisonSecurityLab Podcast

Comments

This space is waiting for your voice.

Comments will be supported shortly. Stay connected for updates!

Preview of future curated comments

This section will display user comments from various platforms like X, Reddit, YouTube, and more. Comments will be curated for quality and relevance.

[ Connect_With_Me ]

© 2026 HarrisonSec. All rights reserved.