Skip to content

1.4
Compare
Choose a tag to compare
@hasherezade hasherezade released this 25 Jul 07:13
· 493 commits to master since this release
1.4
67ed5b3

πŸ“– README.md

REFACT

  • Cleanup and refactoring of all the code, improved stability of tracing

FEATURE

  • Tracing of CPUID instructions
  • "Time patching": altering RDTSC output to decrease delays (defense against anti-tracing)
  • Tracing of RDTSC (optional, can be enabled in run_me.bat)
  • Allow for recursive tracing of shellcodes (optional, can be enabled in run_me.bat - option 2)

BUGFIX

  • Fixed invalid calls origins generated in some traces (Issue #5)
  • Fixed bug in the elevation script - breaking on names with spaces

Requires Intel Pin 3.7 to 3.15.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

Assets 2
Loading