Skip to content
/ xtracer Public

old code from 2007/2008 which uses split TLB to trace OEP

License

MIT license
16 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

deroko/xtracer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
xtracer
xtracer
 
 
xtracer_driver
xtracer_driver
 
 
LICENSE
LICENSE
 
 
readme.txt
readme.txt
 
 
xtracer.sln
xtracer.sln
 
 

Repository files navigation

                           xtracer (c) 2008 by deroko of ARTeam
                                
This is tracing driver which uses TLB to trace code execution. Code can
be customized to handle various scenarios. Eg. add more breaks on code
sections, hooking more some native calls to keep control of almost
every allocated buffers, but that's up to the user to implement if he/she
needs it.

This code was writen last year, but since then I didn't publish it...

To use this code simply type:

xtracer.exe <applicaton to trace>

wait a little bit. Also note that you must have internet connection
as code is using my SymbolFinder class to locate some symbols from
ntoskrnl.exe which makes this code compatible with windows versions
from win2k to Vista SP1.

Nothing more to say, enjoy this fine release from ARTeam

                                        (c) 2008 deroko of ARTeam     

Update: sometimes 2018... remove stupid GPLv3, and use MIT...     

Howto build: use old WDK to build xtracer_driver, this was 2008

About

old code from 2007/2008 which uses split TLB to trace OEP

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

2 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages