Symda is an open-source tool designed as a helper tool for Frida. The tool aims to download and parse symbol files for a given executable. The symbol server that the script uses can be configured. By default, it uses the Microsoft public symbol server. It should make it easier to hook functions by using the symbol files.
Note - this tool is designed only for Windows executables.
- Change the FUNCTION_LIST (functions to hook) variable according to your needs inside symda_python_runner.py . For example:
...
FUNCTION_LIST = [
"KERNELBASE!DeviceIoControl",
]
...- Run the following command with the relevant pid
python symda_python_runner.py <PID>Copyright (c) 2022 CyberArk Software Ltd. All rights reserved
This repository is licensed under MIT License - see LICENSE for more details.
For comments, suggestions, or questions, you can contact Omer Tsarfati (@OmerTsarfati) and CyberArk Labs team. You can find more projects developed by us at https://github.com/cyberark/.