SoK: Using Dynamic Binary Instrumentation for Security
This repository hosts the code for the paper "SoK: Using Dynamic Binary Instrumentation for Security (And How You May Get Caught Red Handed)", which appeared at ACM Asia CCS 2019 (find the pre-print here or on ResearchGate).
The code comprises a library of mitigations that can be integrated into existing pintools, and a set of detections for DBI that we wrote in addition to those tested with existing PoCs. We share the version used for the evaluation, and we plan to add more countermeasures and our own implementations of other detection patterns.
As this is a research prototype, please get in touch if you encounter issues: we do not expect it to work out of the box in all scenarios. The library is currently 32-bit only and was tested on Pin 3.5, Windows 7 SP1, and Visual Studio 2010.