Skip to content

Releases: hasherezade/tiny_tracer

2.9.5

30 Dec 23:08
Compare
Choose a tag to compare

πŸ“– README.md

FEATURE

BUGFIX

  • Fixed emulation of the Trap Flag: improved support for tracing VMProtect protected executables - (Issue #69)

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.9

06 Dec 22:15
Compare
Choose a tag to compare
2.9

πŸ“– README.md

FEATURE

REFACT

  • Small fixes and refactoring

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.8.2

26 Aug 18:52
Compare
Choose a tag to compare

πŸ“– README.md

REFACT

  • Optimizations: increased speed of tracing, lowered memory consumption

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.8

24 Aug 17:20
Compare
Choose a tag to compare
2.8

πŸ“– README.md

FEATURE


Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.7.1

26 Aug 21:01
Compare
Choose a tag to compare

πŸ“– README.md

BUGFIX

  • Fixed ANTIDEBUG=2 not working for 32-bit applications (wrong size of the passed argument)
  • Fixed backward compatibility with older Pin versions (use INS_OperandWidth instead of INS_OperandSize)

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.7

26 Aug 11:42
Compare
Choose a tag to compare
2.7

πŸ“– README.md

FEATURE

  • Allow to select whether or not debug symbols should be used for name resolution - can be enabled/disabled via INI file ( Issue #39 ) [ details ]
  • Bypass AntiDebug technique basing on Trap Flag. Resolved problems with tracing applications protected by VMProtect with Debugger Detection enabled (bypassed mode: "Debugger: User-mode + Kernel-mode") ( Issue #26 )
  • Support detecting some of the AntiVM techniques ( WMI query parameters tracing ) - can be enabled/disabled via INI file [ details ]
  • Support detecting more AntiDebug techniques ( i.e. searching for Software Breakpoints )

REFACT

  • Removed dependency from windows.h

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.6.1

14 Aug 10:51
Compare
Choose a tag to compare

πŸ“– README.md

BUGFIX

  • Use export symbols only ( Issue #39 )

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.6

12 Aug 17:51
Compare
Choose a tag to compare
2.6

πŸ“– README.md

BUGFIX

  • Fixed Tracer crashing while trying to dump some Unicode strings ( Issue #38 )

FEATURE

  • Added an option of tracking common Antidebug techniques. Bypass Trap Flag. (Issue #32) [details]
  • Added an option to track interrupts (Issue #34) [details]
  • Added functions filtering (Issue #33) [details]

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.3

20 Mar 00:19
Compare
Choose a tag to compare
2.3

πŸ“– README.md

FEATURE

  • Added a possibility to map syscalls to functions, using supplied table. Automatic syscalls to function name resolution on Windows. (More info: Wiki )
  • When syscalls table is loaded, parameters of the syscalls can be traced also by the corresponding function's name.
  • Print function's name before listing the parameters (a workaround against some concurrency issues, causing the function's parameters to be printed not immediately after the logged call)
  • Enabled syscalls logging by default

Requires Intel Pin 3.26 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.

2.2

12 Apr 16:06
Compare
Choose a tag to compare
2.2

πŸ“– README.md

FEATURE

REFACT

  • Refactored checking if the event comes from a particular module

Requires Intel Pin 3.19 or above.
I am sorry but Intel does not allow for distribution of compiled Pin Tools. So, you need to compile them from the sources.
Follow the instructions to build and install.