Skip to content

Koinsec/Koin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
README.md
README.md
 
 
koin_1.0-1_amd64.deb
koin_1.0-1_amd64.deb
 
 
main.c
main.c
 
 

Repository files navigation

Screenshot from 2025-10-14 14-59-19

Koin

Developed by Koinsec

This tool is used to get syscalls and memory dumps of executables.

 m    m          "          
 #  m"   mmm   mmm    m mm  
 #m#    #" "#    #    #"  # 
 #  #m  #   #    #    #   # 
 #   "m "#m#"  mm#mm  #   # 
                            
                            
Developed by Koinsec

Usage: koin [--dump-dir DIR] [--rwxdump-interval N] [--per-map-limit BYTES] --target <prog> [args...]

Example

                           
 m    m          "          
 #  m"   mmm   mmm    m mm  
 #m#    #" "#    #    #"  # 
 #  #m  #   #    #    #   # 
 #   "m "#m#"  mm#mm  #   # 
                            
                            
Developed by Koinsec

{"event":"syscall_entry","ts_ns":1760436698656477827,"pid":55156,"syscall":59,"regs":{"orig_rax":"0x3b","rax":"0xffffffffffffffda","rdi":"0x7ffed8a6a6d0","rsi":"0x7ffed8a6b538","rdx":"0x7ffed8a6b550","r10":"0x0","r8":"0xfff","r9":"0x7e2e14521740"},"ptr_snippet":"kȦ��"}

{"event":"syscall_exit","ts_ns":1760436698656747397,"pid":55156,"syscall_ret":-2}
{"event":"syscall_entry","ts_ns":1760436698656857094,"pid":55156,"syscall":59,"regs":{"orig_rax":"0x3b","rax":"0xffffffffffffffda","rdi":"0x7ffed8a6a6d0","rsi":"0x7ffed8a6b538","rdx":"0x7ffed8a6b550","r10":"0x0","r8":"0xfff","r9":"0x7e2e14521740"},"ptr_snippet":"kȦ��"}

{"event":"syscall_exit","ts_ns":1760436698656913011,"pid":55156,"syscall_ret":-2}
{"event":"syscall_entry","ts_ns":1760436698656934904,"pid":55156,"syscall":59,"regs":{"orig_rax":"0x3b","rax":"0xffffffffffffffda","rdi":"0x7ffed8a6a6d0","rsi":"0x7ffed8a6b538","rdx":"0x7ffed8a6b550","r10":"0x0","r8":"0xfff","r9":"0x7e2e14521740"},"ptr_snippet":"kȦ��"}

{"event":"syscall_exit","ts_ns":1760436698656970398,"pid":55156,"syscall_ret":-2}
{"event":"syscall_entry","ts_ns":1760436698656991076,"pid":55156,"syscall":59,"regs":{"orig_rax":"0x3b","rax":"0xffffffffffffffda","rdi":"0x7ffed8a6a6d0","rsi":"0x7ffed8a6b538","rdx":"0x7ffed8a6b550","r10":"0x0","r8":"0xfff","r9":"0x7e2e14521740"},"ptr_snippet":"kȦ��"}

{"event":"syscall_exit","ts_ns":1760436698657512207,"pid":55156,"syscall_ret":0}
{"event":"syscall_entry","ts_ns":17604366 .......

Social media pages

https://www.instagram.com/koinsec/ https://x.com/Koinsec

About

Koin intercepts syscalls and volatile memories of an executed program

Topics

memory hacking forensics computer-architecture

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages