TraceCode does system call tracing only today. The primary goal of this project is to create a tool that provides the same results as the strace-based tracing but would be using using ELF symbols, DWARF debug symbols, signatures or string matching to determine when and how a source code file is built in a binary using only a static analysis. The primary target should be Linux executables, though the code should be designed to be extensible to Windows PE and macOS Dylib and exes.

• Level

  • Advanced

• Tech

  • Python, Linux, ELFs, DWARFs, symbols, reversing

• URLS

  • https://github.com/nexB/tracecode-toolkit for the existing non-static tool
  • https://github.com/nexB/scancode-toolkit-contrib for some work in progress on binaries/symbols parsers/extractors

• Mentor

  • @pombredanne https://github.com/pombredanne