Questions tagged [instrumentation]
Instrumentation is the process of injecting probe functions into a code (executable, source code, ...) for measurement purposes. It is extensively used for *profiling* or *dynamic-analysis* by tools like Valgrind, MAQAO, DynInst, and many others.
42 questions
1 vote
1 answer
300 views
Inject ELF with an entierly self-contained code section that can statically call standard library functions
What I want to do What I want to do is inject an existing ELF binary with additional code that runs before the original .text section and then transfers control back to it. What I can already do Now, ...
- 111
2 votes
1 answer
97 views
In Pintool, How to find the name of an routine's caller?
I want to trace the mutex variables in my rust program(e.g. which mutex called lock() and unlock() methods). And I think there're static methods.
- 21
2 votes
0 answers
257 views
PinTools Multi-threaded example (inscount_Tls.cpp): only one thread outputs
I am studying PinTools multithread example inscount_tls.cpp. When I change the number of thread to 3, only 1 thread outputs the result. Is anyone familiar with Intel Pintools instruments that can give ...
- 41
0 votes
1 answer
118 views
Dynamic instrumentation tool for injecting assembly
I'm not sure about all tools. But afaik at least with Frida functions are patched and new code is added to other memory regions and then jumped to. The rest of the code layout stays the same. Is there ...
- 1
1 vote
0 answers
430 views
How to add Instructions (OpCodes) after a If Statement in C#?
I hope someone can help me out with my problem. Currently I'm working with C# and use the library Mono.Cecil to add Instruction Code before a method exits. There is this one case, when a if statement ...
-1 votes
1 answer
287 views
Instrument memory accesses of python scripts
My research requires processing memory traces of applications. For C/C++ programs, this is easy using Intel's PIN library. However, as suggested here https://stackoverflow.com/questions/51835532/use-...
0 votes
0 answers
132 views
Pin DBI tool - Create executable
I'm starting to learn Intel's Pin framework and I can't figure out if it's possible to create an executable. I mean, rather than creating a module and forcing people to download Pin + the module, is ...
- 1
1 vote
0 answers
680 views
Miasm VS Triton - which to choose? [closed]
Hello and thank you for reading my question, I was wondering, which is the right tool for me to choose according to the following: I will be using it mainly for Malware analysis and for exploit ...
- 11
0 votes
1 answer
314 views
modern instrumentation for reversing and researching [closed]
i am really glad i found this great site and wanted to ask from your expertise regarding the following issue: i have been doing malware analysis and researching for a few years, and i want to learn ...
- 1
2 votes
0 answers
1k views
Do you know the equivalent of the Intel Pin utility for AMD processors
Do you know an instrument equivalent to Intel Pin (https://software.intel.com/en-us/articles/pin-a-dynamic-binary-instrumentation-tool) for AMD processors, which helps me especially for reverse of ...
- 33
5 votes
2 answers
2k views
Trace Method Calls in .NET/C# Binary
I have a heavily obfuscated Windows service binary. Fields, types and methods are renamed. While it is possible to decompile the binary using dnSpy, it is still very cumbersome to identify important/...
- 151
1 vote
0 answers
3k views
Tracing calls, rets and instructions with Intel Pin
I am writing a Pin tool with the following functionality: It has to record instructions with arguments. (works well) It has to record memory access operations associated with instructions. (works well)...
- 124
1 vote
0 answers
51 views
Instrumentation fail when app use far jump 0x33 crash
Do you known any dbi tool that support instrumentation of application that use far jump 0x33? P.S. pin, dymanoRIO don't support far jump 0x33.
- 11
1 vote
0 answers
165 views
Is Dynamic Binary Instrumentation legal in UK/EU for malware analysis?
I am doing a university project about performing malware analysis on binary files. The end goal would be to analyze real world executables(Microsoft Office installation file for example). If I use DBI,...
2 votes
1 answer
119 views
Detect interesting testcases
Suppose I have a ton of test cases and my target is closed-source. Well, I need to know which test cases discover new path in the execution of my target and which are duplicated. I know I have to use ...
- 21