Skip to content
Visualization of heap operations.
Python C++ C JavaScript Makefile
Branch: master
Clone or download
Pull request Compare This branch is 21 commits ahead, 13 commits behind wapiflapi:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Villoc is a heap visualisation tool, it's a python script that renders a static html file. An example can be seen here:, this is villoc running on an exploit of PlaidCTF 2015's challenge PlaidDB.

How to

The easiest way to use villoc against a binary that uses "malloc" functions is probably to run the following command and open out.html in a browser.

Pintool way

ltrace ./target |& - out.html;

It is probably a good idea to disable ASLR for repeatable results and to use a file to pass the ltrace to villoc because otherwise the target's error output will be interleaved and might confuse villoc sometimes.

setarch x86_64 -R ltrace -o trace ./target; trace out.html;


Use with caution, not very stable yet

LD_PRELOAD="./ldpreload/" ./target |& - out.html

frida-gadget way

LD_PRELOAD="/path/to/" FRIDA_GADGET_SCRIPT="./frida/malloc_hook.js" ./target |& - out.html


Which malloc

This has been made with glibc's dl_malloc (and its derivates like ptmalloc2) in mind. But it should work for other implementations, especially if you play with the --header and --footer options to indicate how much overhead the targeted malloc adds to the user data.

You can’t perform that action at this time.