oleavr
September 11th, 2014, 18:03
It's a self-optimizing cross-platform code tracer based on dynamic recompilation, powered by Frida and Capstone. Works at the machine code level, no source code needed. Tags threads based on which APIs they use, showing you in real-time what functions have been called, allowing you to study them by carefully injecting logging and other side-effecty code.
Here's a 43 second screencast showing it in action:
https://www.youtube.com/watch?v=hzDsxtcRavY ("https://www.youtube.com/watch?v=hzDsxtcRavY")
Source code and links to binaries available here:
https://github.com/frida/cryptoshark ("https://github.com/frida/cryptoshark")
Here's a 43 second screencast showing it in action:
https://www.youtube.com/watch?v=hzDsxtcRavY ("https://www.youtube.com/watch?v=hzDsxtcRavY")
Source code and links to binaries available here:
https://github.com/frida/cryptoshark ("https://github.com/frida/cryptoshark")