https://github.com/brainsmoke/ptrace-burrito

a friendly wrapper around ptrace
https://github.com/brainsmoke/ptrace-burrito

dynamic-analysis ptrace systems

Last synced: 8 months ago
JSON representation

a friendly wrapper around ptrace

• Host: GitHub
• URL: https://github.com/brainsmoke/ptrace-burrito
• Owner: brainsmoke
• License: other
• Created: 2019-01-04T13:30:50.000Z (almost 7 years ago)
• Default Branch: master
• Last Pushed: 2022-03-18T21:14:20.000Z (over 3 years ago)
• Last Synced: 2024-10-28T15:42:15.752Z (about 1 year ago)
• Topics: dynamic-analysis, ptrace, systems
• Language: C
• Size: 155 KB
• Stars: 126
• Watchers: 8
• Forks: 7
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

• awesome-hacking-lists - brainsmoke/ptrace-burrito - a friendly wrapper around ptrace (C)

README

          

Ptrace-burrito, a friendly wrapper around ptrace

========

A plugin style wrapper around ptrace on Linux.

Supports:

* Tracing a complete process tree

* Attaching to running processes

* Hardware breakpoint/watchpoint support

* Automatic persistent breakpoints across exec

* Injecting system calls

* On-demand switching from/to step tracing

* Step-tracing & using watchpoints & getting syscall events at the same time

* Graceful detach

* Some very basic symbol resolution

* Easy tags support to record code-coverage on binaries

For now, only Linux-x86\_64 is supported, but architecture specific code is

contained in only a few sections.

For a How-To best check out the [examples](examples/)

![screenshot of examples/libc/trace\_libc\_func](img/ptrace-burrito.png)