Skip to content
Branch: master
Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
..
Failed to load latest commit information.
Dbgview.exe Added the Compiled Intel PT driver Jun 27, 2017
INSTDRV.EXE
IdaPt.py
PtControlApp.exe
WindowsPtDriver.sys
libipt.dll Added the Compiled Intel PT driver Jun 27, 2017
readme.md

readme.md

Compiled Windows Intel PT Driver

This folder contains the compiled version of the Windows Intel PT Driver and Control Application

Version: 0.6

News:

  • Re-designed the entire driver code. Now it is much more modular and scalable
  • Added and tested the support for Kernel-mode tracing
  • Added the support for Kernel tracing from the user-mode application (requires Administratives privilege)
  • Added the support for Microsoft HyperV (Root Partition only)
  • Written some example code for doing Kernel-tracing of the loading/unloading code of a target driver

Unfortunately the driver code is still too young to be compiled as signed. You need to enable the Test Signing mode in your Windows OS to be able to use the driver. By the way our tests highlighted that the code was really very stable. Write us a mail (info@andrea-allievi.com) if you find some bugs or for any other queries. If I find the time I will be happy to answer.

Last Revision: 17th June 2017 - Recon Conference

You can’t perform that action at this time.