Official references =================== API reference: http://software.intel.com/sites/landingpage/pintool/docs/71313/Pin/html/group__API__REF.html Download Page: http://software.intel.com/en-us/articles/pintool-downloads User guide: http://software.intel.com/sites/landingpage/pintool/docs/71313/Pin/html/ Another references ================== [blog] Stack and heap overflow detection at runtime via behavior analysis and PIN: http://shell-storm.org/blog/Stack-and-heap-overflow-detection-at-runtime-via-behavior-analysis-and-PIN/ [blog] Binary analysis: Concolic execution with Pin and z3 http://shell-storm.org/blog/Binary-analysis-Concolic-execution-with-Pin-and-z3/ [Blog] Taint analysis and pattern matching with Pin: http://shell-storm.org/blog/Taint-analysis-and-pattern-matching-with-Pin/ [Blog] In-Memory fuzzing with Pin: http://shell-storm.org/blog/In-Memory-fuzzing-with-Pin/ [Blog] Pintool and Z3 Introduction: http://jbremer.org/pintool-and-z3-introduction/ [Blog] Pin Denial of Service: http://jbremer.org/pin-denial-of-service/ [Blog] Pintool Makefile: http://jbremer.org/pintool-makefile/ [Blog] Detecting Uninitialized Memory Read Access Bugs: http://jbremer.org/detecting-uninitialized-memory-read-access-bugs-using-pin-a-la-valgrind/ [Blog] Malware Unpacking Level: http://jbremer.org/malware-unpacking-level-pintool/ [Blog] A simple pin tool unpacker for the linux version of skype: http://joxeankoret.com/blog/2012/11/04/a-simple-pin-tool-unpacker-for-the-linux-version-of-skype/ [Blog] Binary Instrumentation for Exploit Analysis Purposes: part1: http://scrammed.blogspot.fr/2013/03/binary-instrumentation-for-exploit_10.html part2: http://scrammed.blogspot.fr/2013/03/binary-instrumentation-for-exploit.html [Blog] A story of binaries and snipers: http://brundlelab.wordpress.com/2012/06/02/a-story-of-binaries-and-snipers/ [Blog] Code for Example Pin Tool (Strace clone) http://wiki.ucalgary.ca/page/Courses/Computer_Science/CPSC_601.29.ISSA/20110218CodeSession [Blog] Writing tools with pin http://tfpwn.rainbowsandpwnies.com/writing-tools-with-pin.html ---------------------------------------------------------- [PPT] Pin Building Customized Program Analysis Tools with Dynamic Instrumentation: http://www.ckluk.org/ck/talks/pin_pldi05.ppt [PPT] Introduction to Pin: http://www0.cs.ucl.ac.uk/staff/K.Alzarooni/projfiles/TSAlgo/MyPinTool/ASPLOS04-Pin2Tutorial.ppt ---------------------------------------------------------- [PDF] Pin tutorial: http://www.cs.du.edu/~dconnors/courses/comp3361/notes/PinTutorial.pdf [PDF] Introduction to the Pin Instrumentation Tool: http://cs.gmu.edu/~astavrou/courses/ISA_673_S13/PIN_lecture.pdf [PDF] Dynamic Instrumentation with Pin: http://gec.di.uminho.pt/Discip/MInf/cpd0708/SCD/IntelProfilers07.pdf [PDF] Binary instrumentation for hackers and security pro: http://www.slideshare.net/iamit/binary-instrumentation-dc9723-7761539 [PDF] Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation: http://www.cs.washington.edu/education/courses/cse548/08wi/papers/pin-pldi05.pdf ---------------------------------------------------------- [Tool] Samples https://github.com/JonathanSalwan/PinTools [Tool] Concolic execution (PoC) http://shell-storm.org/files/PoC-Concolic-Execution-with-Pin-and-z3.cpp [Tool] In-Memory fuzzing: http://shell-storm.org/files/InMemoryFuzzing.cpp [Tool] Simple loop detection via instruction counter: http://shell-storm.org/files/Simple-loop-detection-via-the-instruction-counter.cpp [Tool] Detect pointer utilization without check: http://shell-storm.org/files/pointer-utilization-without-check.cpp [Tool] Detect use after free via pattern matching: http://shell-storm.org/files/pattern-matching-use-after-free.cpp [Tool] Spread the taint and follow your data: http://shell-storm.org/files/Spread-the-taint-and-follow-your-data.cpp [Tool] Simple monitoring i/o memory access: http://shell-storm.org/files/Simple-taint-a-memory-area.cpp [Tool] debugtrace.cpp: https://svn.mcs.anl.gov/repos/performance/Gwalp/gwalpsite/pin/source/tools/DebugTrace/debugtrace.cpp [Tool] gentrace.cpp: http://bap.ece.cmu.edu/download/bap-0.5/pintraces/gentrace.cpp [Tool] followchild.cpp: http://xa.yimg.com/kq/groups/13366780/1459949471/name/followchild.cpp [Tool] Saffron Dynamic Instrumentation Code: http://www.offensivecomputing.net/bhusa2007/saffron-di.cpp [Tool] memtrace: https://bitbucket.org/munin/pin-tools/src/fd77be9b75d63cf33218985201c1e05257a921f8/tools/memtrace [Tool] Pinpack: http://www.joxeankoret.com/download/pinpack.cpp [Tool] dcache: http://www.stanford.edu/class/cs343/resources/dcache.cpp [Tool] Tracing CreateFile Windows API http://chpie.tistory.com/attachment/cfile2.uf@1723C7034B54460C22656E.cpp