Skip to content

Releases: hasherezade/tiny_tracer

1.4

25 Jul 07:13
Compare
Choose a tag to compare
1.4

📖 README.md

REFACT

  • Cleanup and refactoring of all the code, improved stability of tracing

FEATURE

  • Tracing of CPUID instructions
  • "Time patching": altering RDTSC output to decrease delays (defense against anti-tracing)
  • Tracing of RDTSC (optional, can be enabled in run_me.bat)
  • Allow for recursive tracing of shellcodes (optional, can be enabled in run_me.bat - option 2)

BUGFIX

  • Fixed invalid calls origins generated in some traces (Issue #5)
  • Fixed bug in the elevation script - breaking on names with spaces

Requires Intel Pin 3.7 to 3.15.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

1.3.2

13 Jul 21:55
Compare
Choose a tag to compare

BUGFIX

  • Updated the pe_check.exe helper app to recognize 32-bit .NET PEs which will be run as 64-bit

Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

1.3.1

26 Jun 16:13
160c10e
Compare
Choose a tag to compare

FEATURES

  • Changes in run as Administrator - different method of elevation - now changes in Group Policy are not required

Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

1.3

24 Jun 19:05
Compare
Choose a tag to compare
1.3

FEATURES

  • Added a menu to run as Administrator

Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.


NOTE:

Make sure that your Administrator account is enabled in the group policy, otherwise Administrator mode will not run.
In Group Policy Editor:
Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> Accounts: Administrator account status:Enabled

1.2

17 Jun 19:17
Compare
Choose a tag to compare
1.2

Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

1.1

20 Jun 19:18
Compare
Choose a tag to compare
1.1

Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources. The project is configured to compile smoothly with Visual Studio 2017. You need to put the sources to the \source\tools in the Pin root directory, open the project and build. Build two versions, 32-bit and 64-bit. Rename them accordingly: TinyTracer32.dll and TinyTracer64.dll
Go to "install32_64" and follow the instructions to add the tool to the context menu.