
5l1v3r1/WinHeap-Explorer

 
 


WinHeap-Explorer

An efficient and transparent proof-of-concept tool for detecting heap-based bugs in x86 machine code for Windows applications.

Requirements

WinHeap Explorer main module

  1. Intel pin-2.14-71313-msvc10-windows http://software.intel.com/sites/landingpage/pintool/downloads/pin-2.14-71313-msvc10-windows.zip

IDAScripts

  1. IDA disassembler (6.8 or higher) + IDAPython.

Usage

pin.exe -t winhe.dll -o results.txt -d sysdlls_ins_list -redzones_size 16 -- calc.exe
-d <sysdlls_ins_list> - file listing the instructions in system and/or user DLLs that should be instrumented.
-o <log_file> - file to save the results to.
-redzones_size - size of the redzones used to detect out-of-bounds heap accesses (default 8).
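
Why the redzone size matters, as an added illustration that is not WinHeap Explorer's own code: it models redzone checking in general over a constructed 256-byte arena with a shadow map, and every name in it (rz_alloc, rz_access_flagged, overflow_detected) is hypothetical. An out-of-bounds index that jumps past both neighbouring redzones lands in the next chunk's data and goes unreported, which a larger redzone catches.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model: a bump allocator over a fixed arena plus a shadow map. */
#define ARENA 256
enum { FREE = 0, USER = 1, REDZONE = 2 };
static unsigned char shadow[ARENA];   /* one state per arena byte */
static size_t top;                    /* bump pointer */

static void heap_reset(void) { memset(shadow, FREE, sizeof shadow); top = 0; }

/* Lay out [redzone][user bytes][redzone]; return the user offset or -1. */
static long rz_alloc(size_t size, size_t rz) {
    if (top + size + 2 * rz > ARENA) return -1;
    memset(shadow + top, REDZONE, rz);
    memset(shadow + top + rz, USER, size);
    memset(shadow + top + rz + size, REDZONE, rz);
    long user = (long)(top + rz);
    top += size + 2 * rz;
    return user;
}

/* Check an instrumented load/store would perform: 1 = report, 0 = silent.
   Only bytes marked USER are legal; redzone and unallocated bytes are flagged. */
static int rz_access_flagged(long base, long index) {
    long addr = base + index;
    if (addr < 0 || addr >= ARENA) return 1;   /* outside the modelled heap */
    return shadow[addr] != USER;
}

/* Two adjacent 16-byte chunks; access the first one at the given index. */
static int overflow_detected(size_t rz, long index) {
    heap_reset();
    long a = rz_alloc(16, rz);
    long b = rz_alloc(16, rz);
    if (a < 0 || b < 0) return -1;
    return rz_access_flagged(a, index);
}

int main(void) {
    long idx[] = { 15, 16, 36 };   /* in bounds, one past the end, far past */
    for (int i = 0; i < 3; i++)
        printf("a[%ld]: redzone 8 -> %d, redzone 16 -> %d\n", idx[i],
               overflow_detected(8, idx[i]), overflow_detected(16, idx[i]));
    return 0;
}
```

In this model the access at index 36 is missed with 8-byte redzones because it falls inside the second chunk's user data, while 16-byte redzones on both chunks cover it.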

A list of instructions to instrument may be obtained using the scripts provided in the IDAScript folder:

sysdlls_parser.py [path to system dll]
usedlls_parser.py -d 2 [path to user dll]
-d <depth_level> - search depth level for potentially dangerous routines.
See the config.conf file to configure the scripts.

NOTE: The IDAScripts can also be used directly from IDA Pro, without the wrappers specified above.
