{"id":13755351,"url":"https://github.com/agustingianni/instrumentation","last_synced_at":"2025-05-10T01:30:49.945Z","repository":{"id":66966849,"uuid":"99045945","full_name":"agustingianni/instrumentation","owner":"agustingianni","description":"Assorted pintools","archived":false,"fork":false,"pushed_at":"2020-03-30T14:04:15.000Z","size":789,"stargazers_count":29,"open_issues_count":0,"forks_count":7,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-02-11T15:55:07.267Z","etag":null,"topics":["binary","binary-analysis","code-coverage","coverage","dynamic","instrumentation","pin","pintool","program-analysis","taint","taint-analysis"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/agustingianni.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2017-08-01T21:49:10.000Z","updated_at":"2024-02-11T15:55:07.268Z","dependencies_parsed_at":"2023-05-15T23:30:15.005Z","dependency_job_id":null,"html_url":"https://github.com/agustingianni/instrumentation","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/agustingianni%2Finstrumentation","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/agustingianni%2Finstrumentation/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/agustingianni%2Finstrumentation/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/agustingianni%2Finstrumentation/manifests","owner_url":"https://re
pos.ecosyste.ms/api/v1/hosts/GitHub/owners/agustingianni","download_url":"https://codeload.github.com/agustingianni/instrumentation/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253349931,"owners_count":21894801,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["binary","binary-analysis","code-coverage","coverage","dynamic","instrumentation","pin","pintool","program-analysis","taint","taint-analysis"],"created_at":"2024-08-03T10:00:52.741Z","updated_at":"2025-05-10T01:30:49.436Z","avatar_url":"https://github.com/agustingianni.png","language":"C++","funding_links":[],"categories":["\u003ca id=\"e3e7030efc3b4de3b5b8750b7d93e6dd\"\u003e\u003c/a\u003e调试\u0026\u0026动态运行\u0026动态数据"],"sub_categories":["\u003ca id=\"0fbd352f703b507853c610a664f024d1\"\u003e\u003c/a\u003eDBI数据"],"readme":"# DBI Tools\nCollection of tools implemented using pintools aimed to help in the task of reverse engineering.\n\n## Warning\nSome of the code is bitrotten due to the fact that maintaining a Windows build of a pintool is a very painful experience. 
Nonetheless, I think that they are a good resource for learning and extending a reverser's toolkit.\n\n## Pinnacle\nPinnacle is an online dynamic taint analysis tool that helps an analyst locate interesting parts of a binary, that is, the ones that he can influence, be it by using a file or a socket.\n\nThe tool is showcased in detail in the paper `Augmenting Vulnerability Analysis of Binary Code`, which can be downloaded here [PDF](https://pdfs.semanticscholar.org/01e0/47ba02edaa55f230af2c8e11b5e99499ae50.pdf).\n\n## CodeCoverage\nSimple and somewhat fast tool to gather code coverage from a running process. What separates this tool from others is that it is thread safe, allowing us to trace complex programs like web browsers.\n\n## Recoverer\nData type recovery tool aimed to recover classes/structures used on the heap. More details can be found in the talk `Trace surfing: a tale of data structure recovery and other yerbas.` [PDF](https://www.ekoparty.org/archivo/2012/eko8-Trace_Surfing.pdf).\n\n## Resolver\nResolver pintool that exports a JSON file with information regarding\ninteresting bits about the application like VTABLE addresses, indirect branch\ndestinations and other stuff.\n\nThis tool aims to facilitate the task of the reverse engineer while reversing large\nsoftware. While tracing we collect information that can then be imported into IDA,\nmaking the IDB more complete.\n\nThe first information collected is information about the so-called \"direct_branches\". This\ninformation is collected because sometimes IDA does not detect certain functions in the code.\nWe log the entry point of the called function and then import it into IDA, creating an XREF from\nthe call point to the call entry point.\n\nThe second type of information that we collect is the call point and call destination of\nindirect branches. 
With this information we can resolve the address of instructions like\n\"call eax\", \"jmp eax\", etc.\n\nThe third type of information collected is the \"interesting_instructions\". Here we simply collect\ninstructions that are likely to pose security threats. As of now, we collect sign extension instructions\nthat may lead to sign extension issues, and rep prefixed instructions that are also sometimes a source of\ninteresting bugs. The idea behind this is that the auditor can import this information and\nmanually look at the information provided to look for bugs.\n\nThe last type of information collected is the address of the VTABLES used by the software. We collect\nthis information using a pretty stable heuristic pattern followed by most compilers.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fagustingianni%2Finstrumentation","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fagustingianni%2Finstrumentation","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fagustingianni%2Finstrumentation/lists"}