Reversing Code Coverage Tool

• Previous message: dave_at_immunitysec.com: "Re: ms03-049 exploit xp sp0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 13 Nov 2003 23:59:47 -0000
To: vuln-dev@securityfocus.com

Howdy,

Does anyone know of a coverage tool that is useful for reverse engineering on Win32?

I know there are a million profiling/code coverage tools out there. I've looked at a bunch, but I'm looking for something that suits a specific set of needs:

- Does not require source (obviously)
- Does not require binary modifications (or none that change addresses)
- Records execution of any or all functions in a binary
- Can record execution at arbitrary addresses I specify
- Doesn't impact performance (at least not too much)
- Can be used in conjunction with a debugger. (won't bugger things up by using breakpoints)

I don't really want exhaustive coverage info or perty graphs, I want to be able to trace which functions are executing in an arbitrary binary with minimum effort. Ideally I'd like to be able to give something a dump of IDA (or similar) symbols, run the program, and see which ones execute in which sequence and in which threads.

In other words, I'm f*$#!ing sick of using breakpoints and single stepping to try and figure out what parts of a binary are getting hit. Pen, paper and a debugger work for small sections of code, but become with very large binaries. There must be a better way.

Does anyone know if something like this exists? Has someone found a better solution?

Cheers,
~ol

• Previous message: dave_at_immunitysec.com: "Re: ms03-049 exploit xp sp0"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]