Dailydave mailing list archives

iDEFENSE Labs Releases Process Stalker


From: "Michael Sutton" <msutton () iDefense com>
Date: Wed, 6 Jul 2005 10:26:45 -0400

Authored by Pedram Amini, iDEFENSE Labs is releasing Process Stalker, a
software package that combines the process of run-time profiling, state
mapping and tracing. Consisting of a series of tools and scripts, the
goal of a successful stalk is to provide the reverse engineer with an
intuitive visual interface to filtered, meaningful, run-time block-level
trace data. Process Stalker is open source and is available for download
from:

    http://labs.idefense.com

The Process Stalker suite is broken into three main components: an IDA
Pro plug-in, a stand-alone tracing tool and a series of Python scripts
for instrumenting intermediary and GML graph files. The generated GML
graph definitions were designed for usage with a freely available
interactive graph visualization tool. Data instrumentation is
accomplished through a series of Python utilities built on top of a
fully documented custom API. Binaries, source code and in-depth
documentation are available in the bundled archive.

The IDA Function Analyzer component was used and extended in the
development of Process Stalker. This component was separately updated
and is also available for download from the iDEFENSE Labs web site.

Michael Sutton
Director, iDEFENSE Labs
