|
@niculaita
I started looking at your request. After some trials, I found that getting a list of register��s values when snnifed at certain VA of a process can leave a huge amount of data when the process repeatedly go over this VA. More annoying than anything else��
In my opinion, a better tool would be able to pause a process at the user��s request, read the register of interest at a particular VA, and then resume the process. That is how I built a first draft of a sniffer for your target and it works perfectly on Win 7.
@EXETOOLS
I am not aware that such tool is already available, but anybody here knows if it is the case? If no solution already exists, I will definitely share the one I am creating when it is finished��
AC
|