TinyProcessor

This project replaces syscall numbers & arguments in Tinytracer's .tag output w/ their actual Nt function declarations for better readability.

Do note that some functions declarations are not included, so some arguments will not be processed

The function declarations I use in this project are obtained from CAPE Sandbox and NtInternals. In the case of conflicting declarations for the same function, CAPE's declaration will be prioritized since it references MSDN (which is the official documentation site).

Usage

usage: TinyProcessor.py [-h] -file <filename>

options:
  -h, --help        show this help message and exit
  -file <filename>  Takes in a .tag file generated by Tinytracer

Future Plans:

Remove memory addresses [--remove-addr, -r]
Add argument direction & type [--verbose, -v]
Add symbols for normal API calls by scraping hooks.c
Add support for Linux syscalls
Wrap files using Pyinstaller

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
images/README		images/README
references		references
.gitattributes		.gitattributes
README.md		README.md
TinyProcessor.py		TinyProcessor.py
declarations.out		declarations.out
example.tag		example.tag
example.tag.out		example.tag.out
get_declarations.py		get_declarations.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

TinyProcessor

Usage

Future Plans:

About

Releases

Packages

Contributors 2

Languages

goatmilkkk/TinyProcessor

Folders and files

Latest commit

History

Repository files navigation

TinyProcessor

Usage

Future Plans:

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Contributors 2

Languages

Packages