Pin'n'Sieve

A dynamic malware unpacker based on Intel Pin and PE-sieve (deploys PE-sieve scan on specific triggers). Caution: during the process the malware will be deployed. Use it on a VM only.

WARNING: this is an experimental version

How to build?

To compile the prepared project you need to use Visual Studio >= 2012. It was tested with Intel Pin 3.19.

Clone this repo into \source\tools that is inside your Pin root directory.
Open the project in Visual Studio.
Modify the file my_paths.h, and set the path to windows.h into _WINDOWS_H_PATH_, appropriate to your environment.
The other installation steps are analogous to the ones explained in this Wiki.

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
include		include
install32_64		install32_64
.gitignore		.gitignore
ModuleInfo.cpp		ModuleInfo.cpp
ModuleInfo.h		ModuleInfo.h
PinNSieve.cpp		PinNSieve.cpp
PinNSieve.vcxproj		PinNSieve.vcxproj
ProcessInfo.cpp		ProcessInfo.cpp
ProcessInfo.h		ProcessInfo.h
README.md		README.md
ScanProcess.cpp		ScanProcess.cpp
ScanProcess.h		ScanProcess.h
Settings.cpp		Settings.cpp
Settings.h		Settings.h
TraceLog.cpp		TraceLog.cpp
TraceLog.h		TraceLog.h
Util.cpp		Util.cpp
Util.h		Util.h
move_dlls.bat		move_dlls.bat
my_paths.h		my_paths.h

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Pin'n'Sieve

WARNING: this is an experimental version

How to build?

About

Releases

Packages

Languages

Artorios/pin_n_sieve

Folders and files

Latest commit

History

Repository files navigation

Pin'n'Sieve

WARNING: this is an experimental version

How to build?

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages