https://github.com/archercreat/api-tracer
api-tracer is a tiny (useless) tracer
- Host: GitHub
- URL: https://github.com/archercreat/api-tracer
- Owner: archercreat
- Created: 2023-02-28T16:51:40.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2023-02-28T17:02:20.000Z (over 3 years ago)
- Last Synced: 2025-05-07T21:46:27.970Z (about 1 year ago)
- Language: C
- Size: 135 KB
- Stars: 14
- Watchers: 2
- Forks: 4
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# api-tracer - tiny (useless) tracer
api-tracer is a dynamic library that, when loaded into a process, intercepts and logs calls to each exported function of the libraries on a hook list. It was a fun project to test some functionality when use of a DBI framework or a debugger is not possible.
## Usage
The project comes with a simple loader that creates a suspended process and injects `trace.dll` into it:
```
> loader.exe --help
Usage: api-tracer: trace.dll Loader [--help] [--version] --exe VAR [--tracer VAR] args
Positional arguments:
args Arguments to pass to target executable [nargs: 0 or more] [default: {}]
Optional arguments:
-h, --help shows help message and exits
-v, --version prints version information and exits
-e, --exe Target executable to trace [default: ""]
-t, --tracer Path to tracer.dll [default: ""]
```
In order to use api-tracer, place a `hooks.txt` file in the current directory that lists the DLLs to intercept, one per line. To filter API calls from specific modules, place a `filters.txt` file in the current directory with the list of modules. The output is logged to the `trace.txt` file.
## Example setup
`filters.txt`:
```
my-awesome-program.exe
```
`hooks.txt`:
```
kernel32.dll
user32.dll
```