5 files changed, 88 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index a0896665cdf8..e1daf7bdc90b 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -170,6 +170,7 @@
     SUBDIR += fwlogwatch
     SUBDIR += gag
     SUBDIR += gcr
+    SUBDIR += gef
     SUBDIR += git-crypt
     SUBDIR += git-remote-gcrypt
     SUBDIR += git-secret
diff --git a/security/gef/Makefile b/security/gef/Makefile
new file mode 100644
index 000000000000..5a668ca48b50
--- /dev/null
+++ b/security/gef/Makefile
@@ -0,0 +1,43 @@
+# $FreeBSD$
+
+PORTNAME=	gef
+DISTVERSION=	2020.03
+CATEGORIES=	security python
+
+MAINTAINER=	0mp@FreeBSD.org
+COMMENT=	GDB Enhanced Features for exploit devs & reversers
+
+LICENSE=	MIT
+LICENSE_FILE=	${WRKSRC}/LICENSE
+
+RUN_DEPENDS=	gdb>7.7:devel/gdb
+
+USES=		python:run
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	hugsy
+
+NO_ARCH=	yes
+NO_BUILD=	yes
+
+SUB_FILES=	pkg-message
+SUB_LIST=	UTILITY_NAME=${_UTILITY_NAME}
+
+PLIST_FILES=	${DATADIR_REL}/${_UTILITY_NAME}
+
+OPTIONS_DEFINE=		OPTIONALDEPS
+OPTIONS_DEFAULT=	OPTIONALDEPS
+
+OPTIONALDEPS_DESC=		Install optional dependencies for extra functionalities
+OPTIONALDEPS_RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}capstone>0:devel/py-capstone@${PY_FLAVOR} \
+				${PYTHON_PKGNAMEPREFIX}keystone-engine>0:devel/py-keystone-engine@${PY_FLAVOR} \
+				${PYTHON_PKGNAMEPREFIX}ropper>0:security/py-ropper@${PY_FLAVOR} \
+				${PYTHON_PKGNAMEPREFIX}unicorn>0:emulators/py-unicorn@${PY_FLAVOR}
+
+_UTILITY_NAME=	gef.py
+
+do-install:
+	@${MKDIR} ${STAGEDIR}${DATADIR}
+	${INSTALL_DATA} ${WRKSRC}/${_UTILITY_NAME} ${STAGEDIR}${DATADIR}
+
+.include <bsd.port.mk>
diff --git a/security/gef/distinfo b/security/gef/distinfo
new file mode 100644
index 000000000000..fb94f3b62886
--- /dev/null
+++ b/security/gef/distinfo
@@ -0,0 +1,3 @@
+TIMESTAMP = 1583166038
+SHA256 (hugsy-gef-2020.03_GH0.tar.gz) = b907e78bd532b286d27b08aca6a070d0b58062f1a1308002b332148b444784a0
+SIZE (hugsy-gef-2020.03_GH0.tar.gz) = 145026
diff --git a/security/gef/files/pkg-message.in b/security/gef/files/pkg-message.in
new file mode 100644
index 000000000000..b962441a59c9
--- /dev/null
+++ b/security/gef/files/pkg-message.in
@@ -0,0 +1,20 @@
+[
+{ type: install
+  message: <<EOM
+Now that GEF is installed it can be used with gdb(1).
+
+Run the following command in the gdb prompt to load the plugin:
+
+```
+source %%DATADIR%%/%%UTILITY_NAME%%
+```
+
+In order to load GEF automatically on gdb(1) launch add the line mentioned
+above to ~/.gdbinit:
+
+```
+echo "source %%DATADIR%%/%%UTILITY_NAME%%" >> ~/.gdbinit
+```
+EOM
+}
+]
diff --git a/security/gef/pkg-descr b/security/gef/pkg-descr
new file mode 100644
index 000000000000..ba8007954771
--- /dev/null
+++ b/security/gef/pkg-descr
@@ -0,0 +1,21 @@
+GEF (pronounced "Jeff") is a set of commands for x86/64, ARM, MIPS,
+PowerPC and SPARC to assist exploit developers and reverse-engineers when using
+old school GDB. It provides additional features to GDB using the Python API to
+assist during the process of dynamic analysis and exploit development.
+Application developers will also benefit from it, as GEF lifts a great part of
+regular GDB obscurity, avoiding repeating traditional commands, or bringing out
+the relevant information from the debugging runtime.
+
+Some of GEF features include:
+- One single GDB script.
+- Fast limiting the number of dependencies and optimizing code to make the
+  commands as fast as possible.
+- Provides more than 50 commands to drastically change your experience in GDB.
+- Easily extendable to create other commands by providing more comprehensible
+  layout to GDB Python API.
+- Built around an architecture abstraction layer, so all commands work in any
+  GDB-supported architecture such as x86-32/64, ARMv5/6/7, AARCH64, SPARC,
+  MIPS, PowerPC, etc.
+- Suited for real-life apps debugging, exploit development, just as much as CTF.
+
+WWW: https://gef.rtfd.io