/ptdecoder

Command line utility that decodes Intel PT packets from binary data stream

Primary LanguageRustMIT LicenseMIT

ptdecoder

Command line utility for decoding Intel PT packets from binary data stream.

Build

ptdecoder is written in Rust. You need a working Rust toolchain to build and run ptdecoder. To install a working Rust toolchain, you can refer to rustup.

Clone this repository to local:

git clone https://github.com/Lancern/ptdecoder.git
cd ptdecoder

Then build it with cargo:

cargo build

Then you are done. The executable file can be found under target/debug.

Usage

$ ptdecoder
USAGE:
    ptdecoder <INPUT>

For more information try --help

The only command line argument INPUT is the path to the file that holds binary encoded Intel PT packets data.

License

This program is open-sourced under MIT License.

Acknowledgements

This program depends on the amazing library libipt-rs, which is a Rust-friendly wrapper around libipt.