hasherezade/tiny_tracer

A Pin Tool for tracing API calls etc

Languages: C++, Batchfile, Shell, Other. Topics: reverse-engineering, dbi, malware-analysis, api-trace, intel-pintools.

Stars and forks stats for the hasherezade/tiny_tracer repository. As of 29 Apr, 2024 this repository has 1018 stars and 128 forks.

# tiny_tracer

A Pin Tool for tracing:

+ API calls, including parameters of selected functions
+ selected instructions: RDTSC, CPUID, INT
+ inline system calls, including parameters of selected syscalls
+ transitions between sections of the traced module (helpful in finding the OEP of a packed module)

Bypasses the anti-tracing check based on RDTSC.

Generates a report in a `.tag` format (which can be loaded into other analysis tools). Each line is `RVA;traced event`, i.e.:

```
345c2;section: .text
58069;called: C:\Windows\SysWOW64\kernel32.dll.IsProcessorFeaturePresent
3976d;called: C:\Windows\SysWOW64\kernel32.dll.LoadLibraryExW
3983c;called: C:\Windows\SysWOW64\kernel32.dll.GetProcAddress
3999d;called: C:\Windows\SysWOW64\KernelBase.dll.InitializeCriticalSectionEx
398ac;called: C:\Windows\SysWOW64\KernelBase.dll.FlsAlloc
3995d;called: C:\Windows\SysWOW64\KernelBase.dll.FlsSetValue
49275;called: C:\Windows\SysWOW64\kernel32.dll.LoadLibraryExW
4934b;called: C:\Windows\SysWOW64\kernel32.dll.GetProcAddress
...
```

## 🚧 How to build

### On Windows

To compile the prepared project you need to use Visual Studio >= 2012. It was tested with Intel Pin 3.28.

1. Clone this repo into `\source\tools` inside your Pin root directory.
2. Open the project in Visual Studio and build.

Detailed description available here.

To build with Intel Pin < 3.26 on Windows, use the appropriate legacy Visual Studio project.

### On Linux

For now the support for Linux is experimental. Yet it is possible to build and use Tiny Tracer on Linux as well. Please refer to `tiny_runner.sh` for more information. Detailed description available here.

## ⚙ Usage

📖 Details about the usage you will find on the project's Wiki.

## WARNINGS

+ In order for Pin to work correctly, Kernel Debugging must be DISABLED.
+ In `install32_64` you can find a utility that checks if the Kernel Debugger is disabled (`kdb_check.exe`, source), and it is used by Tiny Tracer's `.bat` scripts. This utility sometimes gets flagged as malware by Windows Defender (it is a known false positive). If you encounter this issue, you may need to exclude the installation directory from Windows Defender scans.
+ Since version 3.20 Pin has dropped support for old versions of Windows. If you need to use the tool on Windows < 8, try to compile it with Pin 3.19.

## 🤔 Questions? Ideas?

Join Discussions!
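The `.tag` report described above is plain text, one `RVA;event` line per traced event, so it is easy to post-process outside Pin. The following parser is an added example, not code from tiny_tracer or its author: it splits the report into events, recovers `(module, function)` pairs from `called:` lines (splitting at the last dot, since module names such as `kernel32.dll` contain dots themselves), lists section transitions, and skips lines that do not fit the format. The sample input reuses the README excerpt plus two constructed trailing lines (a transition to `.rsrc` and a `VirtualProtect` call) that are not from a real trace; the "last section transition is the OEP candidate" rule is a heuristic assumed for this example, not a rule stated by the project.

```python
"""Parser for tiny_tracer .tag reports (added example; not part of tiny_tracer).

Each line is "RVA;event": the RVA in hex, then an event such as
"called: <module path>.<function>" or "section: <name>".
"""
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample modeled on the README excerpt. The blank line and the
# "not a tag line" entry exercise malformed-input handling; the last two lines
# (".rsrc" transition and the VirtualProtect call) are made up for the demo.
SAMPLE_TAG = r"""345c2;section: .text
58069;called: C:\Windows\SysWOW64\kernel32.dll.IsProcessorFeaturePresent
3976d;called: C:\Windows\SysWOW64\kernel32.dll.LoadLibraryExW
3983c;called: C:\Windows\SysWOW64\kernel32.dll.GetProcAddress
3999d;called: C:\Windows\SysWOW64\KernelBase.dll.InitializeCriticalSectionEx
398ac;called: C:\Windows\SysWOW64\KernelBase.dll.FlsAlloc
3995d;called: C:\Windows\SysWOW64\KernelBase.dll.FlsSetValue
49275;called: C:\Windows\SysWOW64\kernel32.dll.LoadLibraryExW
4934b;called: C:\Windows\SysWOW64\kernel32.dll.GetProcAddress

not a tag line
4a000;section: .rsrc
4a120;called: C:\Windows\SysWOW64\kernel32.dll.VirtualProtect
"""


@dataclass(frozen=True)
class TagEvent:
    rva: int      # offset relative to the traced module's image base
    kind: str     # text before the first ':' ("called", "section", ...)
    detail: str   # text after "kind:"


def parse_line(line: str) -> Optional[TagEvent]:
    """Parse one "RVA;kind: detail" line; return None for anything else."""
    line = line.strip()
    if not line or ";" not in line:
        return None
    rva_text, _, event = line.partition(";")
    try:
        rva = int(rva_text, 16)
    except ValueError:
        return None
    kind, sep, detail = event.partition(":")
    if not sep:
        return None
    return TagEvent(rva, kind.strip(), detail.strip())


def parse_tag(text: str) -> List[TagEvent]:
    """Parse a whole report, silently dropping lines that are not events."""
    return [ev for ev in map(parse_line, text.splitlines()) if ev is not None]


def split_call(detail: str) -> Tuple[str, str]:
    """Split "<module path>.<function>" at the LAST dot, because module
    names like kernel32.dll contain dots of their own."""
    module, _, func = detail.rpartition(".")
    return module, func


def api_calls(events: List[TagEvent]) -> List[Tuple[int, str, str]]:
    """(rva, module path, function) for every "called:" event, in trace order."""
    return [(ev.rva, *split_call(ev.detail)) for ev in events if ev.kind == "called"]


def call_counts(events: List[TagEvent]) -> "Counter[str]":
    """How many times each API function was called."""
    return Counter(func for _, _, func in api_calls(events))


def section_transitions(events: List[TagEvent]) -> List[Tuple[int, str]]:
    """(rva, section name) for every "section:" event, in trace order."""
    return [(ev.rva, ev.detail) for ev in events if ev.kind == "section"]


def oep_candidate(events: List[TagEvent]) -> Optional[int]:
    """Heuristic assumed for this example (not a rule from tiny_tracer): for a
    simple packer, execution ends up in the unpacked code after the last
    transition into a new section, so report that transition's RVA."""
    transitions = section_transitions(events)
    return transitions[-1][0] if transitions else None


if __name__ == "__main__":
    evs = parse_tag(SAMPLE_TAG)
    for rva, module, func in api_calls(evs):
        print(f"{rva:08x}  {func:<32} {module}")
    print("section transitions:", [(hex(r), s) for r, s in section_transitions(evs)])
    print("OEP candidate:", hex(oep_candidate(evs)))
```

The RVAs stay relative to the traced module, as in the report, so they can be rebased onto a dump's image base or used directly as offsets when loading the `.tag` file into a disassembler.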