Frida高级篇-Stalker(1)
颛孙国源
Stalker是Frida的代码跟踪引擎.下面的内容来自Frida官网. 在加密解密,trace,代码定位方面用途还是挺大的.
Stalker is Frida’s code tracing engine. It allows threads to be
followed, capturing every function, every block, even every
instruction which is executed
类似Frida的工具还有QBDI.
QBDI
QuarkslaB Dynamic binary Instrumentation (QBDI) is a modular, cross-platform and cross-architecture DBI framework. It aims to support Linux, macOS, Android, iOS and Windows operating systems running on x86, x86-64, ARM and AArch64 architectures.
QBDI也能够和Frida完美结合.举个例子,打印导出函数aFunction对应的汇编代码.
var vm = new QBDI();
var state
类似资料: