Releases: hasherezade/tiny_tracer
1.4
REFACT
- Cleanup and refactoring of all the code, improved stability of tracing
FEATURE
- Tracing of CPUID instructions
- "Time patching": altering RDTSC output to decrease delays (defense against anti-tracing)
- Tracing of RDTSC (optional, can be enabled in
run_me.bat
) - Allow for recursive tracing of shellcodes (optional, can be enabled in
run_me.bat
- option 2)
BUGFIX
- Fixed invalid calls origins generated in some traces (Issue #5)
- Fixed bug in the elevation script - breaking on names with spaces
Requires Intel Pin 3.7 to 3.15.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.
1.3.2
BUGFIX
- Updated the
pe_check.exe
helper app to recognize 32-bit .NET PEs which will be run as 64-bit
Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.
1.3.1
FEATURES
- Changes in
run as Administrator
- different method of elevation - now changes in Group Policy are not required
Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.
1.3
FEATURES
- Added a menu to run as Administrator
Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.
NOTE:
Make sure that your Administrator account is enabled in the group policy, otherwise Administrator
mode will not run.
In Group Policy Editor:
Computer Configuration
-> Windows Settings
-> Security Settings
-> Local Policies
-> Security Options
-> Accounts: Administrator account status
:Enabled
1.2
Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.
1.1
Requires Intel Pin 3.7 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources. The project is configured to compile smoothly with Visual Studio 2017. You need to put the sources to the \source\tools
in the Pin root directory, open the project and build. Build two versions, 32-bit and 64-bit. Rename them accordingly: TinyTracer32.dll and TinyTracer64.dll
Go to "install32_64" and follow the instructions to add the tool to the context menu.