Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/hasherezade/pin_n_sieve
An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
https://github.com/hasherezade/pin_n_sieve
Last synced: about 1 month ago
JSON representation
An experimental dynamic malware unpacker based on Intel Pin and PE-sieve
- Host: GitHub
- URL: https://github.com/hasherezade/pin_n_sieve
- Owner: hasherezade
- Created: 2021-07-17T19:43:04.000Z (over 3 years ago)
- Default Branch: master
- Last Pushed: 2024-08-21T13:03:06.000Z (4 months ago)
- Last Synced: 2024-08-22T00:55:00.832Z (4 months ago)
- Language: C++
- Homepage:
- Size: 3.74 MB
- Stars: 56
- Watchers: 6
- Forks: 7
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - hasherezade/pin_n_sieve - An experimental dynamic malware unpacker based on Intel Pin and PE-sieve (C++)
README
# Pin'n'Sieve
[](https://github.com/hasherezade/pin_n_sieve/releases)
[](https://ci.appveyor.com/project/hasherezade/pin-n-sieve)
A dynamic malware unpacker based on Intel Pin and PE-sieve (deploys PE-sieve scan on specific triggers). **Caution: during the process the malware will be deployed. Use it on a VM only.**
### WARNING: this is an *experimental version*
How to build?
-
To compile the prepared project you need to use [Visual Studio >= 2012](https://visualstudio.microsoft.com/downloads/). It was tested with [Intel Pin 3.28](https://software.intel.com/en-us/articles/pin-a-binary-instrumentation-tool-downloads).
Using PE-sieve [v0.3.8](https://github.com/hasherezade/pe-sieve/releases/tag/v0.3.8)
1. Clone this repo into `\source\tools` that is inside your Pin root directory.
2. Open the project in Visual Studio.
3. The other installation steps are analogous to the ones explained in [this Wiki](https://github.com/hasherezade/tiny_tracer/wiki/Installation).