├── BranchTrace-x64plugin-wtl
    ├── BranchTrace-x64plugin-wtl.aps
    ├── BranchTrace-x64plugin-wtl.rc
    ├── BranchTrace-x64plugin-wtl.vcxproj
    ├── BranchTrace-x64plugin-wtl.vcxproj.filters
    ├── BranchTrace-x64plugin-wtl.vcxproj.user
    ├── LDasm
    │   ├── LDasm.c
    │   └── LDasm.h
    ├── ThreadTraceCore.cpp
    ├── ThreadTraceCore.h
    ├── ThreadTraceDialog.cpp
    ├── ThreadTraceDialog.h
    ├── disassembler.cpp
    ├── disassembler.h
    ├── dllmain.cpp
    ├── dllmain.h
    ├── plugin.h
    ├── plugin_global.h
    ├── pluginsdk
    │   ├── DeviceNameResolver
    │   │   ├── DeviceNameResolver.h
    │   │   ├── DeviceNameResolver_x64.a
    │   │   ├── DeviceNameResolver_x64.lib
    │   │   ├── DeviceNameResolver_x86.a
    │   │   └── DeviceNameResolver_x86.lib
    │   ├── TitanEngine
    │   │   ├── TitanEngine.h
    │   │   ├── TitanEngine_x64.a
    │   │   ├── TitanEngine_x64.lib
    │   │   ├── TitanEngine_x86.a
    │   │   └── TitanEngine_x86.lib
    │   ├── XEDParse
    │   │   ├── XEDParse.h
    │   │   ├── XEDParse_x64.a
    │   │   ├── XEDParse_x64.lib
    │   │   ├── XEDParse_x86.a
    │   │   └── XEDParse_x86.lib
    │   ├── _dbgfunctions.h
    │   ├── _plugin_types.h
    │   ├── _plugins.h
    │   ├── _scriptapi.h
    │   ├── _scriptapi_argument.h
    │   ├── _scriptapi_assembler.h
    │   ├── _scriptapi_bookmark.h
    │   ├── _scriptapi_comment.h
    │   ├── _scriptapi_debug.h
    │   ├── _scriptapi_flag.h
    │   ├── _scriptapi_function.h
    │   ├── _scriptapi_gui.h
    │   ├── _scriptapi_label.h
    │   ├── _scriptapi_memory.h
    │   ├── _scriptapi_misc.h
    │   ├── _scriptapi_module.h
    │   ├── _scriptapi_pattern.h
    │   ├── _scriptapi_register.h
    │   ├── _scriptapi_stack.h
    │   ├── _scriptapi_symbol.h
    │   ├── bridgegraph.h
    │   ├── bridgelist.h
    │   ├── bridgemain.h
    │   ├── dbghelp
    │   │   ├── dbghelp.h
    │   │   ├── dbghelp_x64.a
    │   │   ├── dbghelp_x64.lib
    │   │   ├── dbghelp_x86.a
    │   │   └── dbghelp_x86.lib
    │   ├── jansson
    │   │   ├── jansson.h
    │   │   ├── jansson_config.h
    │   │   ├── jansson_x64.a
    │   │   ├── jansson_x64.lib
    │   │   ├── jansson_x64dbg.h
    │   │   ├── jansson_x86.a
    │   │   └── jansson_x86.lib
    │   ├── lz4
    │   │   ├── lz4.h
    │   │   ├── lz4_x64.a
    │   │   ├── lz4_x64.lib
    │   │   ├── lz4_x86.a
    │   │   ├── lz4_x86.lib
    │   │   ├── lz4file.h
    │   │   └── lz4hc.h
    │   ├── x32bridge.lib
    │   ├── x32dbg.lib
    │   ├── x64bridge.lib
    │   └── x64dbg.lib
    ├── pulgin.cpp
    ├── res
    │   ├── Thread.png
    │   └── trace.png
    ├── resource.h
    └── stdafx.h
├── BranchTrace-x64plugin
    ├── BranchTrace-x64plugin.aps
    ├── BranchTrace-x64plugin.cpp
    ├── BranchTrace-x64plugin.h
    ├── BranchTrace-x64plugin.rc
    ├── BranchTrace-x64plugin.vcxproj
    ├── BranchTrace-x64plugin.vcxproj.filters
    ├── BranchTrace-x64plugin.vcxproj.user
    ├── ThreadTraceDialog.cpp
    ├── ThreadTraceDialog.h
    ├── framework.h
    ├── pch.h
    ├── plugin.cpp
    ├── plugin.h
    ├── plugin_global.h
    ├── res
    │   ├── BranchTrace-x64plugin.rc2
    │   ├── Thread.png
    │   └── trace.png
    ├── resource.h
    └── targetver.h
├── BranchTraceExe
    ├── BrachTraceExe.vcxproj
    ├── BrachTraceExe.vcxproj.filters
    ├── BrachTraceExe.vcxproj.user
    └── brach-trace-exe.cpp
├── BranchTracerSys
    ├── BranchTracerSys.cpp
    ├── BranchTracerSys.vcxproj
    ├── BranchTracerSys.vcxproj.filters
    ├── BranchTracerSys.vcxproj.user
    ├── asm
    │   ├── cpu.inc
    │   ├── debug.h
    │   ├── debug32.asm
    │   └── debug64.asm
    ├── bts
    │   ├── bts.cpp
    │   └── bts.h
    ├── ioctls.h
    ├── kernel-hooks
    │   ├── Hooks.cpp
    │   ├── Hooks.h
    │   ├── LDasm.c
    │   └── LDasm.h
    ├── kernel-tools
    │   ├── KernelBase.c
    │   ├── KernelBase.h
    │   ├── apc_ex.c
    │   ├── apc_ex.h
    │   ├── my_ntstatus.h
    │   ├── nt_enums.h
    │   ├── nt_imports.h
    │   ├── nt_include.h
    │   └── nt_structs.h
    └── runsdvui.cmd
└── README.md


/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.aps


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.rc:
--------------------------------------------------------------------------------
  1 | // Microsoft Visual C++ generated resource script.
  2 | //
  3 | #include "resource.h"
  4 | 
  5 | #define APSTUDIO_READONLY_SYMBOLS
  6 | /////////////////////////////////////////////////////////////////////////////
  7 | //
  8 | // Generated from the TEXTINCLUDE 2 resource.
  9 | //
 10 | #include "winres.h"
 11 | 
 12 | /////////////////////////////////////////////////////////////////////////////
 13 | #undef APSTUDIO_READONLY_SYMBOLS
 14 | 
 15 | /////////////////////////////////////////////////////////////////////////////
 16 | // Chinese (Simplified, PRC) resources
 17 | 
 18 | #if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_CHS)
 19 | LANGUAGE LANG_CHINESE, SUBLANG_CHINESE_SIMPLIFIED
 20 | #pragma code_page(936)
 21 | 
 22 | #ifdef APSTUDIO_INVOKED
 23 | /////////////////////////////////////////////////////////////////////////////
 24 | //
 25 | // TEXTINCLUDE
 26 | //
 27 | 
 28 | 1 TEXTINCLUDE 
 29 | BEGIN
 30 |     "resource.h\0"
 31 | END
 32 | 
 33 | 2 TEXTINCLUDE 
 34 | BEGIN
 35 |     "#include ""winres.h""\r\n"
 36 |     "\0"
 37 | END
 38 | 
 39 | 3 TEXTINCLUDE 
 40 | BEGIN
 41 |     "\r\n"
 42 |     "\0"
 43 | END
 44 | 
 45 | #endif    // APSTUDIO_INVOKED
 46 | 
 47 | 
 48 | /////////////////////////////////////////////////////////////////////////////
 49 | //
 50 | // PNG
 51 | //
 52 | 
 53 | IDB_PNG_THREAD          PNG                     "res\\Thread.png"
 54 | 
 55 | IDB_PNG_TRACE           PNG                     "res\\trace.png"
 56 | 
 57 | 
 58 | /////////////////////////////////////////////////////////////////////////////
 59 | //
 60 | // Dialog
 61 | //
 62 | 
 63 | IDD_DIALOG_THREAD_TRACE DIALOGEX 0, 0, 319, 232
 64 | STYLE DS_SETFONT | DS_MODALFRAME | WS_POPUP | WS_CAPTION | WS_SYSMENU
 65 | CAPTION "Thread Trace"
 66 | FONT 8, "Consolas", 400, 0, 0x0
 67 | BEGIN
 68 |     COMBOBOX        IDC_COMBO_THREAD,72,14,180,30,CBS_DROPDOWNLIST | CBS_SORT | WS_VSCROLL | WS_TABSTOP
 69 |     PUSHBUTTON      "Start Trace",IDC_BUTTON_STARTTRACE,257,14,55,14
 70 |     PUSHBUTTON      "Reset",IDC_BUTTON_RESET,257,32,55,14,WS_DISABLED
 71 |     LTEXT           "Choose Thread",IDC_STATIC,14,17,53,8
 72 |     PUSHBUTTON      "Prev",IDC_BUTTON_PREV,257,169,55,14,WS_DISABLED
 73 |     PUSHBUTTON      "Next(Into)",IDC_BUTTON_NEXTINTO,257,67,55,14,WS_DISABLED
 74 |     PUSHBUTTON      "Prev(Into)",IDC_BUTTON_PREVINTO,257,51,55,14,WS_DISABLED
 75 |     PUSHBUTTON      "&Next",IDC_BUTTON_NEXT,257,185,55,14,WS_DISABLED
 76 |     LTEXT           "Choose Module",IDC_STATIC,14,34,53,8
 77 |     COMBOBOX        IDC_COMBO_MODULE,72,32,180,30,CBS_DROPDOWNLIST | CBS_SORT | WS_VSCROLL | WS_TABSTOP
 78 |     CONTROL         "",IDC_LIST1,"SysListView32",LVS_REPORT | LVS_ALIGNLEFT | WS_BORDER | WS_TABSTOP,14,51,238,174
 79 |     PUSHBUTTON      "ProcStart",IDC_BUTTON_PROCSTART,257,91,55,14,WS_DISABLED
 80 |     PUSHBUTTON      "ProcEnd",IDC_BUTTON_PROCEND,257,107,55,14,WS_DISABLED
 81 |     PUSHBUTTON      "ToEnd",IDC_BUTTON_TOEND,257,211,55,14,WS_DISABLED
 82 |     PUSHBUTTON      "Prev Snippet",IDC_BUTTON_PREVSNIPPET,257,130,55,14,WS_DISABLED
 83 |     PUSHBUTTON      "Next Snippet",IDC_BUTTON_NEXTSNIPPET,257,146,55,14,WS_DISABLED
 84 | END
 85 | 
 86 | 
 87 | /////////////////////////////////////////////////////////////////////////////
 88 | //
 89 | // DESIGNINFO
 90 | //
 91 | 
 92 | #ifdef APSTUDIO_INVOKED
 93 | GUIDELINES DESIGNINFO
 94 | BEGIN
 95 |     IDD_DIALOG_THREAD_TRACE, DIALOG
 96 |     BEGIN
 97 |         LEFTMARGIN, 7
 98 |         RIGHTMARGIN, 312
 99 |         TOPMARGIN, 7
100 |         BOTTOMMARGIN, 225
101 |         HORZGUIDE, 22
102 |         HORZGUIDE, 38
103 |         HORZGUIDE, 51
104 |     END
105 | END
106 | #endif    // APSTUDIO_INVOKED
107 | 
108 | 
109 | /////////////////////////////////////////////////////////////////////////////
110 | //
111 | // AFX_DIALOG_LAYOUT
112 | //
113 | 
114 | IDD_DIALOG_THREAD_TRACE AFX_DIALOG_LAYOUT
115 | BEGIN
116 |     0
117 | END
118 | 
119 | #endif    // Chinese (Simplified, PRC) resources
120 | /////////////////////////////////////////////////////////////////////////////
121 | 
122 | 
123 | 
124 | #ifndef APSTUDIO_INVOKED
125 | /////////////////////////////////////////////////////////////////////////////
126 | //
127 | // Generated from the TEXTINCLUDE 3 resource.
128 | //
129 | 
130 | 
131 | /////////////////////////////////////////////////////////////////////////////
132 | #endif    // not APSTUDIO_INVOKED
133 | 
134 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <Keyword>Win32Proj</Keyword>
 24 |     <ProjectGuid>{e29237f6-bf51-4b3c-a9a7-5c988650686e}</ProjectGuid>
 25 |     <RootNamespace>BranchTracex64pluginwtl</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |   </PropertyGroup>
 28 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 29 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 30 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 31 |     <UseDebugLibraries>true</UseDebugLibraries>
 32 |     <PlatformToolset>v142</PlatformToolset>
 33 |     <CharacterSet>MultiByte</CharacterSet>
 34 |   </PropertyGroup>
 35 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 36 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 37 |     <UseDebugLibraries>false</UseDebugLibraries>
 38 |     <PlatformToolset>v142</PlatformToolset>
 39 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 40 |     <CharacterSet>MultiByte</CharacterSet>
 41 |   </PropertyGroup>
 42 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 43 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 44 |     <UseDebugLibraries>true</UseDebugLibraries>
 45 |     <PlatformToolset>v142</PlatformToolset>
 46 |     <CharacterSet>MultiByte</CharacterSet>
 47 |   </PropertyGroup>
 48 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 49 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 50 |     <UseDebugLibraries>false</UseDebugLibraries>
 51 |     <PlatformToolset>v142</PlatformToolset>
 52 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 53 |     <CharacterSet>MultiByte</CharacterSet>
 54 |   </PropertyGroup>
 55 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 56 |   <ImportGroup Label="ExtensionSettings">
 57 |   </ImportGroup>
 58 |   <ImportGroup Label="Shared">
 59 |   </ImportGroup>
 60 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 61 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 64 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 65 |   </ImportGroup>
 66 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 67 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 68 |   </ImportGroup>
 69 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 70 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 71 |   </ImportGroup>
 72 |   <PropertyGroup Label="UserMacros" />
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 74 |     <LinkIncremental>true</LinkIncremental>
 75 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 76 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 77 |     <IncludePath>$(IncludePath);E:\third-lib\includes;</IncludePath>
 78 |   </PropertyGroup>
 79 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 80 |     <LinkIncremental>false</LinkIncremental>
 81 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 82 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 83 |     <IncludePath>$(IncludePath);E:\third-lib\includes;</IncludePath>
 84 |   </PropertyGroup>
 85 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 86 |     <LinkIncremental>true</LinkIncremental>
 87 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 88 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 89 |     <IncludePath>$(IncludePath);E:\third-lib\includes;</IncludePath>
 90 |   </PropertyGroup>
 91 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 92 |     <LinkIncremental>false</LinkIncremental>
 93 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 94 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 95 |     <IncludePath>$(IncludePath);E:\third-lib\includes;</IncludePath>
 96 |   </PropertyGroup>
 97 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 98 |     <ClCompile>
 99 |       <WarningLevel>Level3</WarningLevel>
100 |       <SDLCheck>true</SDLCheck>
101 |       <PreprocessorDefinitions>WIN32;_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
102 |       <ConformanceMode>true</ConformanceMode>
103 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
104 |     </ClCompile>
105 |     <Link>
106 |       <SubSystem>NotSet</SubSystem>
107 |       <GenerateDebugInformation>true</GenerateDebugInformation>
108 |       <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);E:\third-lib\lib\$(Configuration)$(PlatformTarget)\Zydis.lib</AdditionalDependencies>
109 |     </Link>
110 |   </ItemDefinitionGroup>
111 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
112 |     <ClCompile>
113 |       <WarningLevel>Level3</WarningLevel>
114 |       <FunctionLevelLinking>true</FunctionLevelLinking>
115 |       <IntrinsicFunctions>true</IntrinsicFunctions>
116 |       <SDLCheck>true</SDLCheck>
117 |       <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
118 |       <ConformanceMode>true</ConformanceMode>
119 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
120 |     </ClCompile>
121 |     <Link>
122 |       <SubSystem>NotSet</SubSystem>
123 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
124 |       <OptimizeReferences>true</OptimizeReferences>
125 |       <GenerateDebugInformation>true</GenerateDebugInformation>
126 |       <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);E:\third-lib\lib\$(Configuration)$(PlatformTarget)\Zydis.lib;</AdditionalDependencies>
127 |     </Link>
128 |   </ItemDefinitionGroup>
129 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
130 |     <ClCompile>
131 |       <WarningLevel>Level3</WarningLevel>
132 |       <SDLCheck>true</SDLCheck>
133 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
134 |       <ConformanceMode>true</ConformanceMode>
135 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
136 |     </ClCompile>
137 |     <Link>
138 |       <SubSystem>NotSet</SubSystem>
139 |       <GenerateDebugInformation>true</GenerateDebugInformation>
140 |       <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);E:\third-lib\lib\$(Configuration)$(PlatformTarget)\Zydis.lib;</AdditionalDependencies>
141 |     </Link>
142 |   </ItemDefinitionGroup>
143 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
144 |     <ClCompile>
145 |       <WarningLevel>Level3</WarningLevel>
146 |       <FunctionLevelLinking>true</FunctionLevelLinking>
147 |       <IntrinsicFunctions>true</IntrinsicFunctions>
148 |       <SDLCheck>true</SDLCheck>
149 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
150 |       <ConformanceMode>true</ConformanceMode>
151 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
152 |     </ClCompile>
153 |     <Link>
154 |       <SubSystem>NotSet</SubSystem>
155 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
156 |       <OptimizeReferences>true</OptimizeReferences>
157 |       <GenerateDebugInformation>true</GenerateDebugInformation>
158 |       <AdditionalDependencies>kernel32.lib;user32.lib;gdi32.lib;winspool.lib;comdlg32.lib;advapi32.lib;shell32.lib;ole32.lib;oleaut32.lib;uuid.lib;odbc32.lib;odbccp32.lib;%(AdditionalDependencies);E:\third-lib\lib\$(Configuration)$(PlatformTarget)\Zydis.lib;</AdditionalDependencies>
159 |     </Link>
160 |   </ItemDefinitionGroup>
161 |   <ItemGroup>
162 |     <ClCompile Include="disassembler.cpp" />
163 |     <ClCompile Include="dllmain.cpp" />
164 |     <ClCompile Include="LDasm\LDasm.c" />
165 |     <ClCompile Include="ThreadTraceCore.cpp" />
166 |     <ClCompile Include="ThreadTraceDialog.cpp" />
167 |     <ClCompile Include="pulgin.cpp" />
168 |   </ItemGroup>
169 |   <ItemGroup>
170 |     <ClInclude Include="disassembler.h" />
171 |     <ClInclude Include="dllmain.h" />
172 |     <ClInclude Include="LDasm\LDasm.h" />
173 |     <ClInclude Include="plugin_global.h" />
174 |     <ClInclude Include="resource.h" />
175 |     <ClInclude Include="ThreadTraceCore.h" />
176 |     <ClInclude Include="ThreadTraceDialog.h" />
177 |     <ClInclude Include="plugin.h" />
178 |     <ClInclude Include="pluginsdk\bridgegraph.h" />
179 |     <ClInclude Include="pluginsdk\bridgelist.h" />
180 |     <ClInclude Include="pluginsdk\bridgemain.h" />
181 |     <ClInclude Include="pluginsdk\_dbgfunctions.h" />
182 |     <ClInclude Include="pluginsdk\_plugins.h" />
183 |     <ClInclude Include="pluginsdk\_plugin_types.h" />
184 |     <ClInclude Include="pluginsdk\_scriptapi.h" />
185 |     <ClInclude Include="pluginsdk\_scriptapi_argument.h" />
186 |     <ClInclude Include="pluginsdk\_scriptapi_assembler.h" />
187 |     <ClInclude Include="pluginsdk\_scriptapi_bookmark.h" />
188 |     <ClInclude Include="pluginsdk\_scriptapi_comment.h" />
189 |     <ClInclude Include="pluginsdk\_scriptapi_debug.h" />
190 |     <ClInclude Include="pluginsdk\_scriptapi_flag.h" />
191 |     <ClInclude Include="pluginsdk\_scriptapi_function.h" />
192 |     <ClInclude Include="pluginsdk\_scriptapi_gui.h" />
193 |     <ClInclude Include="pluginsdk\_scriptapi_label.h" />
194 |     <ClInclude Include="pluginsdk\_scriptapi_memory.h" />
195 |     <ClInclude Include="pluginsdk\_scriptapi_misc.h" />
196 |     <ClInclude Include="pluginsdk\_scriptapi_module.h" />
197 |     <ClInclude Include="pluginsdk\_scriptapi_pattern.h" />
198 |     <ClInclude Include="pluginsdk\_scriptapi_register.h" />
199 |     <ClInclude Include="pluginsdk\_scriptapi_stack.h" />
200 |     <ClInclude Include="pluginsdk\_scriptapi_symbol.h" />
201 |     <ClInclude Include="stdafx.h" />
202 |   </ItemGroup>
203 |   <ItemGroup>
204 |     <Library Include="pluginsdk\x32bridge.lib" />
205 |     <Library Include="pluginsdk\x32dbg.lib" />
206 |     <Library Include="pluginsdk\x64bridge.lib" />
207 |     <Library Include="pluginsdk\x64dbg.lib" />
208 |   </ItemGroup>
209 |   <ItemGroup>
210 |     <ResourceCompile Include="BranchTrace-x64plugin-wtl.rc" />
211 |   </ItemGroup>
212 |   <ItemGroup>
213 |     <Image Include="res\Thread.png" />
214 |     <Image Include="res\trace.png" />
215 |   </ItemGroup>
216 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
217 |   <ImportGroup Label="ExtensionTargets">
218 |   </ImportGroup>
219 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.vcxproj.filters:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup>
  4 |     <Filter Include="Source Files">
  5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
  6 |       <Extensions>cpp;c;cc;cxx;c++;cppm;ixx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
  7 |     </Filter>
  8 |     <Filter Include="Header Files">
  9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
 10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
 11 |     </Filter>
 12 |     <Filter Include="Resource Files">
 13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
 14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
 15 |     </Filter>
 16 |     <Filter Include="Header Files\pluginsdk">
 17 |       <UniqueIdentifier>{2e430117-686d-4410-a80c-cdc92ba350af}</UniqueIdentifier>
 18 |     </Filter>
 19 |     <Filter Include="Source Files\ThreadTrace">
 20 |       <UniqueIdentifier>{631d739d-396f-4d5d-b3e3-2cdae72c6524}</UniqueIdentifier>
 21 |     </Filter>
 22 |     <Filter Include="Source Files\disassembler">
 23 |       <UniqueIdentifier>{f01f3db0-bd30-466f-a1af-f05619d18cb9}</UniqueIdentifier>
 24 |     </Filter>
 25 |     <Filter Include="Source Files\LDasm">
 26 |       <UniqueIdentifier>{7191814d-618e-4bb6-b06e-999c73fa2915}</UniqueIdentifier>
 27 |     </Filter>
 28 |     <Filter Include="Header Files\LDasm">
 29 |       <UniqueIdentifier>{f443bc61-3a33-4dfa-9385-e1cd6fabc425}</UniqueIdentifier>
 30 |     </Filter>
 31 |   </ItemGroup>
 32 |   <ItemGroup>
 33 |     <ClCompile Include="dllmain.cpp">
 34 |       <Filter>Source Files</Filter>
 35 |     </ClCompile>
 36 |     <ClCompile Include="pulgin.cpp">
 37 |       <Filter>Source Files</Filter>
 38 |     </ClCompile>
 39 |     <ClCompile Include="ThreadTraceDialog.cpp">
 40 |       <Filter>Source Files\ThreadTrace</Filter>
 41 |     </ClCompile>
 42 |     <ClCompile Include="disassembler.cpp">
 43 |       <Filter>Source Files\disassembler</Filter>
 44 |     </ClCompile>
 45 |     <ClCompile Include="LDasm\LDasm.c">
 46 |       <Filter>Source Files\LDasm</Filter>
 47 |     </ClCompile>
 48 |     <ClCompile Include="ThreadTraceCore.cpp">
 49 |       <Filter>Source Files\ThreadTrace</Filter>
 50 |     </ClCompile>
 51 |   </ItemGroup>
 52 |   <ItemGroup>
 53 |     <ClInclude Include="dllmain.h">
 54 |       <Filter>Source Files</Filter>
 55 |     </ClInclude>
 56 |     <ClInclude Include="plugin.h">
 57 |       <Filter>Source Files</Filter>
 58 |     </ClInclude>
 59 |     <ClInclude Include="stdafx.h">
 60 |       <Filter>Header Files</Filter>
 61 |     </ClInclude>
 62 |     <ClInclude Include="pluginsdk\_dbgfunctions.h">
 63 |       <Filter>Header Files\pluginsdk</Filter>
 64 |     </ClInclude>
 65 |     <ClInclude Include="pluginsdk\_plugin_types.h">
 66 |       <Filter>Header Files\pluginsdk</Filter>
 67 |     </ClInclude>
 68 |     <ClInclude Include="pluginsdk\_plugins.h">
 69 |       <Filter>Header Files\pluginsdk</Filter>
 70 |     </ClInclude>
 71 |     <ClInclude Include="pluginsdk\_scriptapi.h">
 72 |       <Filter>Header Files\pluginsdk</Filter>
 73 |     </ClInclude>
 74 |     <ClInclude Include="pluginsdk\_scriptapi_argument.h">
 75 |       <Filter>Header Files\pluginsdk</Filter>
 76 |     </ClInclude>
 77 |     <ClInclude Include="pluginsdk\_scriptapi_assembler.h">
 78 |       <Filter>Header Files\pluginsdk</Filter>
 79 |     </ClInclude>
 80 |     <ClInclude Include="pluginsdk\_scriptapi_bookmark.h">
 81 |       <Filter>Header Files\pluginsdk</Filter>
 82 |     </ClInclude>
 83 |     <ClInclude Include="pluginsdk\_scriptapi_comment.h">
 84 |       <Filter>Header Files\pluginsdk</Filter>
 85 |     </ClInclude>
 86 |     <ClInclude Include="pluginsdk\_scriptapi_debug.h">
 87 |       <Filter>Header Files\pluginsdk</Filter>
 88 |     </ClInclude>
 89 |     <ClInclude Include="pluginsdk\_scriptapi_flag.h">
 90 |       <Filter>Header Files\pluginsdk</Filter>
 91 |     </ClInclude>
 92 |     <ClInclude Include="pluginsdk\_scriptapi_function.h">
 93 |       <Filter>Header Files\pluginsdk</Filter>
 94 |     </ClInclude>
 95 |     <ClInclude Include="pluginsdk\_scriptapi_gui.h">
 96 |       <Filter>Header Files\pluginsdk</Filter>
 97 |     </ClInclude>
 98 |     <ClInclude Include="pluginsdk\_scriptapi_label.h">
 99 |       <Filter>Header Files\pluginsdk</Filter>
100 |     </ClInclude>
101 |     <ClInclude Include="pluginsdk\_scriptapi_memory.h">
102 |       <Filter>Header Files\pluginsdk</Filter>
103 |     </ClInclude>
104 |     <ClInclude Include="pluginsdk\_scriptapi_misc.h">
105 |       <Filter>Header Files\pluginsdk</Filter>
106 |     </ClInclude>
107 |     <ClInclude Include="pluginsdk\_scriptapi_module.h">
108 |       <Filter>Header Files\pluginsdk</Filter>
109 |     </ClInclude>
110 |     <ClInclude Include="pluginsdk\_scriptapi_pattern.h">
111 |       <Filter>Header Files\pluginsdk</Filter>
112 |     </ClInclude>
113 |     <ClInclude Include="pluginsdk\_scriptapi_register.h">
114 |       <Filter>Header Files\pluginsdk</Filter>
115 |     </ClInclude>
116 |     <ClInclude Include="pluginsdk\_scriptapi_stack.h">
117 |       <Filter>Header Files\pluginsdk</Filter>
118 |     </ClInclude>
119 |     <ClInclude Include="pluginsdk\_scriptapi_symbol.h">
120 |       <Filter>Header Files\pluginsdk</Filter>
121 |     </ClInclude>
122 |     <ClInclude Include="pluginsdk\bridgegraph.h">
123 |       <Filter>Header Files\pluginsdk</Filter>
124 |     </ClInclude>
125 |     <ClInclude Include="pluginsdk\bridgelist.h">
126 |       <Filter>Header Files\pluginsdk</Filter>
127 |     </ClInclude>
128 |     <ClInclude Include="pluginsdk\bridgemain.h">
129 |       <Filter>Header Files\pluginsdk</Filter>
130 |     </ClInclude>
131 |     <ClInclude Include="ThreadTraceDialog.h">
132 |       <Filter>Source Files\ThreadTrace</Filter>
133 |     </ClInclude>
134 |     <ClInclude Include="plugin_global.h">
135 |       <Filter>Source Files</Filter>
136 |     </ClInclude>
137 |     <ClInclude Include="resource.h">
138 |       <Filter>Header Files</Filter>
139 |     </ClInclude>
140 |     <ClInclude Include="ThreadTraceCore.h">
141 |       <Filter>Source Files\ThreadTrace</Filter>
142 |     </ClInclude>
143 |     <ClInclude Include="disassembler.h">
144 |       <Filter>Source Files\disassembler</Filter>
145 |     </ClInclude>
146 |     <ClInclude Include="LDasm\LDasm.h">
147 |       <Filter>Source Files\LDasm</Filter>
148 |     </ClInclude>
149 |   </ItemGroup>
150 |   <ItemGroup>
151 |     <Library Include="pluginsdk\x32bridge.lib">
152 |       <Filter>Header Files\pluginsdk</Filter>
153 |     </Library>
154 |     <Library Include="pluginsdk\x32dbg.lib">
155 |       <Filter>Header Files\pluginsdk</Filter>
156 |     </Library>
157 |     <Library Include="pluginsdk\x64bridge.lib">
158 |       <Filter>Header Files\pluginsdk</Filter>
159 |     </Library>
160 |     <Library Include="pluginsdk\x64dbg.lib">
161 |       <Filter>Header Files\pluginsdk</Filter>
162 |     </Library>
163 |   </ItemGroup>
164 |   <ItemGroup>
165 |     <ResourceCompile Include="BranchTrace-x64plugin-wtl.rc">
166 |       <Filter>Resource Files</Filter>
167 |     </ResourceCompile>
168 |   </ItemGroup>
169 |   <ItemGroup>
170 |     <Image Include="res\Thread.png">
171 |       <Filter>Resource Files</Filter>
172 |     </Image>
173 |     <Image Include="res\trace.png">
174 |       <Filter>Resource Files</Filter>
175 |     </Image>
176 |   </ItemGroup>
177 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/BranchTrace-x64plugin-wtl.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 4 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
 5 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
 6 |     <RemoteDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</RemoteDebuggerCommand>
 7 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
 8 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
 9 |     <RemoteDebuggerWorkingDirectory>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)</RemoteDebuggerWorkingDirectory>
10 |   </PropertyGroup>
11 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
12 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
13 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
14 |     <RemoteDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</RemoteDebuggerCommand>
15 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
16 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
17 |     <RemoteDebuggerWorkingDirectory>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)</RemoteDebuggerWorkingDirectory>
18 |   </PropertyGroup>
19 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
20 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
21 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
22 |     <RemoteDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</RemoteDebuggerCommand>
23 |     <RemoteDebuggerWorkingDirectory>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)</RemoteDebuggerWorkingDirectory>
24 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
25 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
26 |   </PropertyGroup>
27 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
28 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
29 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
30 |     <RemoteDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</RemoteDebuggerCommand>
31 |     <RemoteDebuggerWorkingDirectory>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)</RemoteDebuggerWorkingDirectory>
32 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
33 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
34 |   </PropertyGroup>
35 |   <PropertyGroup>
36 |     <RESOURCE_FILE>BranchTrace-x64plugin-wtl.rc</RESOURCE_FILE>
37 |   </PropertyGroup>
38 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/LDasm/LDasm.h:
--------------------------------------------------------------------------------
 1 | #ifndef _LDASM_
 2 | #define _LDASM_
 3 | 
 4 | #include <windows.h>
 5 | 
 6 | #ifdef _WIN64
 7 | #define is_x64 1
 8 | #else
 9 | #define is_x64 0
10 | #endif//USE64
11 | 
12 | #ifdef __cplusplus
13 | extern "C"
14 | {
15 | #endif
16 | 
17 | #define F_INVALID       0x01
18 | #define F_PREFIX        0x02
19 | #define F_REX           0x04
20 | #define F_MODRM         0x08
21 | #define F_SIB           0x10
22 | #define F_DISP          0x20
23 | #define F_IMM           0x40
24 | #define F_RELATIVE      0x80
25 | 
26 | typedef struct _ldasm_data
27 | {
28 |     UINT8 flags;
29 |     UINT8 rex;
30 |     UINT8 modrm;
31 |     UINT8 sib;
32 |     UINT8 opcd_offset;
33 |     UINT8 opcd_size;
34 |     UINT8 disp_offset;
35 |     UINT8 disp_size;
36 |     UINT8 imm_offset;
37 |     UINT8 imm_size;
38 | } ldasm_data;
39 | 
40 | 
41 | unsigned int __fastcall ldasm_length(void* code, UINT32 is64);
42 | unsigned int __fastcall ldasm(void* code, ldasm_data* ld, UINT32 is64);
43 | unsigned long __fastcall SizeOfProc(void* Proc);
44 | unsigned int __fastcall PrevInstrLength(void* code, size_t bufferSize, UINT32 is64);
45 | void* __fastcall ResolveJmp(void* Proc);
46 | 
47 | #ifdef __cplusplus
48 | }
49 | #endif
50 | 
51 | #endif//_LDASM_
52 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/ThreadTraceCore.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/ThreadTraceCore.cpp


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/ThreadTraceCore.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/ThreadTraceCore.h


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/ThreadTraceDialog.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/ThreadTraceDialog.cpp


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/ThreadTraceDialog.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/ThreadTraceDialog.h


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/disassembler.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #pragma warning(disable 26812)
 3 | #include <Zydis/Decoder.h>
 4 | #include <map>
 5 | #include <set>
 6 | #include <vector>
 7 | 
 8 | struct Instruction {
 9 |     ZydisDecodedInstruction zydisInstrction;
10 | };
11 | 
12 | class Disassembler {
13 | 
14 | private:
15 |     ZydisDecoder zydisDecoder;
16 |     std::map<size_t, std::vector<size_t>> m_pageInstrAddrMap;
17 |     std::map<size_t, std::map<size_t, int>> m_pageInstrAddrIndexMap;
18 | 
19 | 
20 | 
21 | public:
22 |     Disassembler();
23 | 
24 |     bool Disasm(unsigned char* code, size_t codesize, Instruction* instrction);
25 |     const char* FormatZydisRegister(ZydisRegister reg);
26 | 
27 |     void loadPage(void* buffer, size_t pageAddr);
28 | 
29 |     void Reset();
30 | };
31 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/dllmain.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/dllmain.cpp


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/dllmain.h:
--------------------------------------------------------------------------------
1 | #pragma once 
2 | 
3 | #include <Windows.h>
4 | 
5 | extern HMODULE g_hModule;


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/plugin.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/plugin.h


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/plugin_global.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include "stdafx.h"
 3 | #include "ThreadTraceDialog.h"
 4 | #include "plugin.h"
 5 | #include "disassembler.h"
 6 | 
 7 | class PluginGlobal {
 8 | 
 9 | public:
10 |     ThreadTraceDialog* threadTraceDialog;
11 |     Disassembler* disassembler;
12 | 
13 | private:
14 |     PluginGlobal() {
15 |         disassembler = new Disassembler();
16 |     };
17 | 
18 | public:
19 |     ~PluginGlobal() {
20 |         CloseAll();
21 |     }
22 | 
23 | public:
24 |     static PluginGlobal* GetInstance() {
25 |         static PluginGlobal pluginGlobal;
26 |         return &pluginGlobal;
27 |     }
28 | 
29 |     void ShowDlgThreadTrace() {
30 |         if (threadTraceDialog == NULL) {
31 |             threadTraceDialog = new ThreadTraceDialog;
32 |             threadTraceDialog->Create(hwndX64Dbg);
33 |         }
34 | 
35 |         threadTraceDialog->ShowWindow(SW_SHOW);
36 |         threadTraceDialog->SetActiveWindow();
37 |     };
38 | 
39 |     void CloseAll() {
40 |         if (threadTraceDialog) {
41 |             CloseWindow(threadTraceDialog->m_hWnd);
42 |             DestroyWindow(threadTraceDialog->m_hWnd);
43 |         }
44 |     }
45 | };
46 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver.h:
--------------------------------------------------------------------------------
 1 | #ifndef _DEVICENAMERESOLVER_H
 2 | #define _DEVICENAMERESOLVER_H
 3 | 
 4 | #include <windows.h>
 5 | 
 6 | #ifdef __cplusplus
 7 | extern "C"
 8 | {
 9 | #endif
10 | 
11 | __declspec(dllexport) bool DevicePathToPathW(const wchar_t* szDevicePath, wchar_t* szPath, size_t nSizeInChars);
12 | __declspec(dllexport) bool DevicePathToPathA(const char* szDevicePath, char* szPath, size_t nSizeInChars);
13 | __declspec(dllexport) bool DevicePathFromFileHandleW(HANDLE hFile, wchar_t* szDevicePath, size_t nSizeInChars);
14 | __declspec(dllexport) bool DevicePathFromFileHandleA(HANDLE hFile, char* szDevicePath, size_t nSizeInChars);
15 | __declspec(dllexport) bool PathFromFileHandleW(HANDLE hFile, wchar_t* szPath, size_t nSizeInChars);
16 | __declspec(dllexport) bool PathFromFileHandleA(HANDLE hFile, char* szPath, size_t nSizeInChars);
17 | 
18 | #ifdef __cplusplus
19 | }
20 | #endif
21 | 
22 | #endif // _DEVICENAMERESOLVER_H
23 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/DeviceNameResolver/DeviceNameResolver_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/TitanEngine/TitanEngine_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse.h:
--------------------------------------------------------------------------------
 1 | #ifndef _XEDPARSE_H
 2 | #define _XEDPARSE_H
 3 | 
 4 | #include <windows.h>
 5 | 
 6 | //XEDParse defines
 7 | #ifdef XEDPARSE_BUILD
 8 | #define XEDPARSE_EXPORT __declspec(dllexport)
 9 | #else
10 | #define XEDPARSE_EXPORT __declspec(dllimport)
11 | #endif //XEDPARSE_BUILD
12 | 
13 | #define XEDPARSE_CALL //calling convention
14 | 
15 | #define XEDPARSE_MAXBUFSIZE 256
16 | #define XEDPARSE_MAXASMSIZE 16
17 | 
18 | //typedefs
19 | typedef bool (XEDPARSE_CALL* CBXEDPARSE_UNKNOWN)(const char* text, ULONGLONG* value);
20 | 
21 | //XEDParse enums
22 | enum XEDPARSE_STATUS
23 | {
24 |     XEDPARSE_ERROR = 0,
25 |     XEDPARSE_OK = 1
26 | };
27 | 
28 | //XEDParse structs
29 | #pragma pack(push,8)
30 | struct XEDPARSE
31 | {
32 |     bool x64; // use 64-bit instructions
33 |     ULONGLONG cip; //instruction pointer (for relative addressing)
34 |     unsigned int dest_size; //destination size (returned by XEDParse)
35 |     CBXEDPARSE_UNKNOWN cbUnknown; //unknown operand callback
36 |     unsigned char dest[XEDPARSE_MAXASMSIZE]; //destination buffer
37 |     char instr[XEDPARSE_MAXBUFSIZE]; //instruction text
38 |     char error[XEDPARSE_MAXBUFSIZE]; //error text (in case of an error)
39 | };
40 | #pragma pack(pop)
41 | 
42 | #ifdef __cplusplus
43 | extern "C"
44 | {
45 | #endif
46 | 
47 | XEDPARSE_EXPORT XEDPARSE_STATUS XEDPARSE_CALL XEDParseAssemble(XEDPARSE* XEDParse);
48 | 
49 | #ifdef __cplusplus
50 | }
51 | #endif
52 | 
53 | #endif // _XEDPARSE_H
54 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/XEDParse/XEDParse_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_dbgfunctions.h:
--------------------------------------------------------------------------------
  1 | #ifndef _DBGFUNCTIONS_H
  2 | #define _DBGFUNCTIONS_H
  3 | 
  4 | #ifndef __cplusplus
  5 | #include <stdbool.h>
  6 | #endif
  7 | 
  8 | typedef struct
  9 | {
 10 |     char mod[MAX_MODULE_SIZE];
 11 |     duint addr;
 12 |     unsigned char oldbyte;
 13 |     unsigned char newbyte;
 14 | } DBGPATCHINFO;
 15 | 
 16 | typedef struct
 17 | {
 18 |     duint addr;
 19 |     duint from;
 20 |     duint to;
 21 |     char comment[MAX_COMMENT_SIZE];
 22 | } DBGCALLSTACKENTRY;
 23 | 
 24 | typedef struct
 25 | {
 26 |     int total;
 27 |     DBGCALLSTACKENTRY* entries;
 28 | } DBGCALLSTACK;
 29 | 
 30 | typedef struct
 31 | {
 32 |     duint addr;
 33 |     duint handler;
 34 | } DBGSEHRECORD;
 35 | 
 36 | typedef struct
 37 | {
 38 |     duint total;
 39 |     DBGSEHRECORD* records;
 40 | } DBGSEHCHAIN;
 41 | 
 42 | typedef struct
 43 | {
 44 |     DWORD dwProcessId;
 45 |     char szExeFile[MAX_PATH];
 46 |     char szExeMainWindowTitle[MAX_PATH];
 47 |     char szExeArgs[MAX_COMMAND_LINE_SIZE];
 48 | } DBGPROCESSINFO;
 49 | 
 50 | typedef struct
 51 | {
 52 |     DWORD rva;
 53 |     BYTE type;
 54 |     WORD size;
 55 | } DBGRELOCATIONINFO;
 56 | 
 57 | typedef enum
 58 | {
 59 |     InstructionBody = 0,
 60 |     InstructionHeading = 1,
 61 |     InstructionTailing = 2,
 62 |     InstructionOverlapped = 3, // The byte was executed with differing instruction base addresses
 63 |     DataByte,  // This and the following is not implemented yet.
 64 |     DataWord,
 65 |     DataDWord,
 66 |     DataQWord,
 67 |     DataFloat,
 68 |     DataDouble,
 69 |     DataLongDouble,
 70 |     DataXMM,
 71 |     DataYMM,
 72 |     DataMMX,
 73 |     DataMixed, //the byte is accessed in multiple ways
 74 |     InstructionDataMixed //the byte is both executed and written
 75 | } TRACERECORDBYTETYPE;
 76 | 
 77 | typedef enum
 78 | {
 79 |     TraceRecordNone,
 80 |     TraceRecordBitExec,
 81 |     TraceRecordByteWithExecTypeAndCounter,
 82 |     TraceRecordWordWithExecTypeAndCounter
 83 | } TRACERECORDTYPE;
 84 | 
 85 | typedef struct
 86 | {
 87 |     duint Handle;
 88 |     unsigned char TypeNumber;
 89 |     unsigned int GrantedAccess;
 90 | } HANDLEINFO;
 91 | 
 92 | // The longest ip address is 1234:6789:1234:6789:1234:6789:123.567.901.345 (46 bytes)
 93 | #define TCP_ADDR_SIZE 50
 94 | 
 95 | typedef struct
 96 | {
 97 |     char RemoteAddress[TCP_ADDR_SIZE];
 98 |     unsigned short RemotePort;
 99 |     char LocalAddress[TCP_ADDR_SIZE];
100 |     unsigned short LocalPort;
101 |     char StateText[TCP_ADDR_SIZE];
102 |     unsigned int State;
103 | } TCPCONNECTIONINFO;
104 | 
105 | typedef struct
106 | {
107 |     duint handle;
108 |     duint parent;
109 |     DWORD threadId;
110 |     DWORD style;
111 |     DWORD styleEx;
112 |     duint wndProc;
113 |     bool enabled;
114 |     RECT position;
115 |     char windowTitle[MAX_COMMENT_SIZE];
116 |     char windowClass[MAX_COMMENT_SIZE];
117 | } WINDOW_INFO;
118 | 
119 | typedef struct
120 | {
121 |     duint addr;
122 |     duint size;
123 |     duint flags;
124 | } HEAPINFO;
125 | 
126 | typedef struct
127 | {
128 |     const char* name;
129 |     duint value;
130 | } CONSTANTINFO;
131 | 
132 | typedef enum
133 | {
134 |     MODSYMUNLOADED = 0,
135 |     MODSYMLOADING,
136 |     MODSYMLOADED
137 | } MODULESYMBOLSTATUS;
138 | 
139 | typedef bool (*ASSEMBLEATEX)(duint addr, const char* instruction, char* error, bool fillnop);
140 | typedef bool (*SECTIONFROMADDR)(duint addr, char* section);
141 | typedef bool (*MODNAMEFROMADDR)(duint addr, char* modname, bool extension);
142 | typedef duint(*MODBASEFROMADDR)(duint addr);
143 | typedef duint(*MODBASEFROMNAME)(const char* modname);
144 | typedef duint(*MODSIZEFROMADDR)(duint addr);
145 | typedef bool (*ASSEMBLE)(duint addr, unsigned char* dest, int* size, const char* instruction, char* error);
146 | typedef bool (*PATCHGET)(duint addr);
147 | typedef bool (*PATCHINRANGE)(duint start, duint end);
148 | typedef bool (*MEMPATCH)(duint va, const unsigned char* src, duint size);
149 | typedef void (*PATCHRESTORERANGE)(duint start, duint end);
150 | typedef bool (*PATCHENUM)(DBGPATCHINFO* patchlist, size_t* cbsize);
151 | typedef bool (*PATCHRESTORE)(duint addr);
152 | typedef int (*PATCHFILE)(DBGPATCHINFO* patchlist, int count, const char* szFileName, char* error);
153 | typedef int (*MODPATHFROMADDR)(duint addr, char* path, int size);
154 | typedef int (*MODPATHFROMNAME)(const char* modname, char* path, int size);
155 | typedef bool (*DISASMFAST)(const unsigned char* data, duint addr, BASIC_INSTRUCTION_INFO* basicinfo);
156 | typedef void (*MEMUPDATEMAP)();
157 | typedef void (*GETCALLSTACK)(DBGCALLSTACK* callstack);
158 | typedef void (*GETSEHCHAIN)(DBGSEHCHAIN* sehchain);
159 | typedef void (*SYMBOLDOWNLOADALLSYMBOLS)(const char* szSymbolStore);
160 | typedef bool (*GETJIT)(char* jit, bool x64);
161 | typedef bool (*GETJITAUTO)(bool* jitauto);
162 | typedef bool (*GETDEFJIT)(char* defjit);
163 | typedef bool (*GETPROCESSLIST)(DBGPROCESSINFO** entries, int* count);
164 | typedef bool (*GETPAGERIGHTS)(duint addr, char* rights);
165 | typedef bool (*SETPAGERIGHTS)(duint addr, const char* rights);
166 | typedef bool (*PAGERIGHTSTOSTRING)(DWORD protect, char* rights);
167 | typedef bool (*ISPROCESSELEVATED)();
168 | typedef bool (*GETCMDLINE)(char* cmdline, size_t* cbsize);
169 | typedef bool (*SETCMDLINE)(const char* cmdline);
170 | typedef duint(*FILEOFFSETTOVA)(const char* modname, duint offset);
171 | typedef duint(*VATOFILEOFFSET)(duint va);
172 | typedef duint(*GETADDRFROMLINE)(const char* szSourceFile, int line, duint* displacement);
173 | typedef bool (*GETSOURCEFROMADDR)(duint addr, char* szSourceFile, int* line);
174 | typedef bool (*VALFROMSTRING)(const char* string, duint* value);
175 | typedef bool (*PATCHGETEX)(duint addr, DBGPATCHINFO* info);
176 | typedef bool (*GETBRIDGEBP)(BPXTYPE type, duint addr, BRIDGEBP* bp);
177 | typedef bool (*STRINGFORMATINLINE)(const char* format, size_t resultSize, char* result);
178 | typedef void (*GETMNEMONICBRIEF)(const char* mnem, size_t resultSize, char* result);
179 | typedef unsigned int (*GETTRACERECORDHITCOUNT)(duint address);
180 | typedef TRACERECORDBYTETYPE(*GETTRACERECORDBYTETYPE)(duint address);
181 | typedef bool (*SETTRACERECORDTYPE)(duint pageAddress, TRACERECORDTYPE type);
182 | typedef TRACERECORDTYPE(*GETTRACERECORDTYPE)(duint pageAddress);
183 | typedef bool (*ENUMHANDLES)(ListOf(HANDLEINFO) handles);
184 | typedef bool (*GETHANDLENAME)(duint handle, char* name, size_t nameSize, char* typeName, size_t typeNameSize);
185 | typedef bool (*ENUMTCPCONNECTIONS)(ListOf(TCPCONNECTIONINFO) connections);
186 | typedef duint(*GETDBGEVENTS)();
187 | typedef MODULEPARTY(*MODGETPARTY)(duint base);
188 | typedef void (*MODSETPARTY)(duint base, MODULEPARTY party);
189 | typedef bool(*WATCHISWATCHDOGTRIGGERED)(unsigned int id);
190 | typedef bool(*MEMISCODEPAGE)(duint addr, bool refresh);
191 | typedef bool(*ANIMATECOMMAND)(const char* command);
192 | typedef void(*DBGSETDEBUGGEEINITSCRIPT)(const char* fileName);
193 | typedef const char* (*DBGGETDEBUGGEEINITSCRIPT)();
194 | typedef bool(*HANDLESENUMWINDOWS)(ListOf(WINDOW_INFO) windows);
195 | typedef bool(*HANDLESENUMHEAPS)(ListOf(HEAPINFO) heaps);
196 | typedef bool(*THREADGETNAME)(DWORD tid, char* name);
197 | typedef bool(*ISDEPENABLED)();
198 | typedef void(*GETCALLSTACKEX)(DBGCALLSTACK* callstack, bool cache);
199 | typedef bool(*GETUSERCOMMENT)(duint addr, char* comment);
200 | typedef void(*ENUMCONSTANTS)(ListOf(CONSTANTINFO) constants);
201 | typedef duint(*MEMBPSIZE)(duint addr);
202 | typedef bool(*MODRELOCATIONSFROMADDR)(duint addr, ListOf(DBGRELOCATIONINFO) relocations);
203 | typedef bool(*MODRELOCATIONATADDR)(duint addr, DBGRELOCATIONINFO* relocation);
204 | typedef bool(*MODRELOCATIONSINRANGE)(duint addr, duint size, ListOf(DBGRELOCATIONINFO) relocations);
205 | typedef duint(*DBGETHASH)();
206 | typedef int(*SYMAUTOCOMPLETE)(const char* Search, char** Buffer, int MaxSymbols);
207 | typedef void(*REFRESHMODULELIST)();
208 | typedef duint(*GETADDRFROMLINEEX)(duint mod, const char* szSourceFile, int line);
209 | typedef MODULESYMBOLSTATUS(*MODSYMBOLSTATUS)(duint mod);
210 | 
211 | //The list of all the DbgFunctions() return value.
212 | //WARNING: This list is append only. Do not insert things in the middle or plugins would break.
213 | typedef struct DBGFUNCTIONS_
214 | {
215 |     ASSEMBLEATEX AssembleAtEx;
216 |     SECTIONFROMADDR SectionFromAddr;
217 |     MODNAMEFROMADDR ModNameFromAddr;
218 |     MODBASEFROMADDR ModBaseFromAddr;
219 |     MODBASEFROMNAME ModBaseFromName;
220 |     MODSIZEFROMADDR ModSizeFromAddr;
221 |     ASSEMBLE Assemble;
222 |     PATCHGET PatchGet;
223 |     PATCHINRANGE PatchInRange;
224 |     MEMPATCH MemPatch;
225 |     PATCHRESTORERANGE PatchRestoreRange;
226 |     PATCHENUM PatchEnum;
227 |     PATCHRESTORE PatchRestore;
228 |     PATCHFILE PatchFile;
229 |     MODPATHFROMADDR ModPathFromAddr;
230 |     MODPATHFROMNAME ModPathFromName;
231 |     DISASMFAST DisasmFast;
232 |     MEMUPDATEMAP MemUpdateMap;
233 |     GETCALLSTACK GetCallStack;
234 |     GETSEHCHAIN GetSEHChain;
235 |     SYMBOLDOWNLOADALLSYMBOLS SymbolDownloadAllSymbols;
236 |     GETJITAUTO GetJitAuto;
237 |     GETJIT GetJit;
238 |     GETDEFJIT GetDefJit;
239 |     GETPROCESSLIST GetProcessList;
240 |     GETPAGERIGHTS GetPageRights;
241 |     SETPAGERIGHTS SetPageRights;
242 |     PAGERIGHTSTOSTRING PageRightsToString;
243 |     ISPROCESSELEVATED IsProcessElevated;
244 |     GETCMDLINE GetCmdline;
245 |     SETCMDLINE SetCmdline;
246 |     FILEOFFSETTOVA FileOffsetToVa;
247 |     VATOFILEOFFSET VaToFileOffset;
248 |     GETADDRFROMLINE GetAddrFromLine;
249 |     GETSOURCEFROMADDR GetSourceFromAddr;
250 |     VALFROMSTRING ValFromString;
251 |     PATCHGETEX PatchGetEx;
252 |     GETBRIDGEBP GetBridgeBp;
253 |     STRINGFORMATINLINE StringFormatInline;
254 |     GETMNEMONICBRIEF GetMnemonicBrief;
255 |     GETTRACERECORDHITCOUNT GetTraceRecordHitCount;
256 |     GETTRACERECORDBYTETYPE GetTraceRecordByteType;
257 |     SETTRACERECORDTYPE SetTraceRecordType;
258 |     GETTRACERECORDTYPE GetTraceRecordType;
259 |     ENUMHANDLES EnumHandles;
260 |     GETHANDLENAME GetHandleName;
261 |     ENUMTCPCONNECTIONS EnumTcpConnections;
262 |     GETDBGEVENTS GetDbgEvents;
263 |     MODGETPARTY ModGetParty;
264 |     MODSETPARTY ModSetParty;
265 |     WATCHISWATCHDOGTRIGGERED WatchIsWatchdogTriggered;
266 |     MEMISCODEPAGE MemIsCodePage;
267 |     ANIMATECOMMAND AnimateCommand;
268 |     DBGSETDEBUGGEEINITSCRIPT DbgSetDebuggeeInitScript;
269 |     DBGGETDEBUGGEEINITSCRIPT DbgGetDebuggeeInitScript;
270 |     HANDLESENUMWINDOWS EnumWindows;
271 |     HANDLESENUMHEAPS EnumHeaps;
272 |     THREADGETNAME ThreadGetName;
273 |     ISDEPENABLED IsDepEnabled;
274 |     GETCALLSTACKEX GetCallStackEx;
275 |     GETUSERCOMMENT GetUserComment;
276 |     ENUMCONSTANTS EnumConstants;
277 |     ENUMCONSTANTS EnumErrorCodes;
278 |     ENUMCONSTANTS EnumExceptions;
279 |     MEMBPSIZE MemBpSize;
280 |     MODRELOCATIONSFROMADDR ModRelocationsFromAddr;
281 |     MODRELOCATIONATADDR ModRelocationAtAddr;
282 |     MODRELOCATIONSINRANGE ModRelocationsInRange;
283 |     DBGETHASH DbGetHash;
284 |     SYMAUTOCOMPLETE SymAutoComplete;
285 |     REFRESHMODULELIST RefreshModuleList;
286 |     GETADDRFROMLINEEX GetAddrFromLineEx;
287 |     MODSYMBOLSTATUS ModSymbolStatus;
288 | } DBGFUNCTIONS;
289 | 
290 | #ifdef BUILD_DBG
291 | 
292 | const DBGFUNCTIONS* dbgfunctionsget();
293 | void dbgfunctionsinit();
294 | 
295 | #endif //BUILD_DBG
296 | 
297 | #endif //_DBGFUNCTIONS_H
298 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_plugin_types.h:
--------------------------------------------------------------------------------
 1 | #ifndef _PLUGIN_DATA_H
 2 | #define _PLUGIN_DATA_H
 3 | 
 4 | #ifdef BUILD_DBG
 5 | 
 6 | #include "_global.h"
 7 | #include "jansson/jansson.h"
 8 | #pragma warning(push)
 9 | #pragma warning(disable:4091)
10 | #include <dbghelp.h>
11 | #pragma warning(pop)
12 | 
13 | #else
14 | 
15 | #ifdef __GNUC__
16 | #include "dbghelp/dbghelp.h"
17 | #else
18 | #pragma warning(push)
19 | #pragma warning(disable:4091)
20 | #include <dbghelp.h>
21 | #pragma warning(pop)
22 | #endif // __GNUC__
23 | 
24 | #ifndef deflen
25 | #define deflen 1024
26 | #endif // deflen
27 | 
28 | #include "bridgemain.h"
29 | #include "_dbgfunctions.h"
30 | #include "jansson/jansson.h"
31 | 
32 | #endif // BUILD_DBG
33 | 
34 | #endif // _PLUGIN_DATA_H
35 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_plugins.h:
--------------------------------------------------------------------------------
  1 | #ifndef _PLUGINS_H
  2 | #define _PLUGINS_H
  3 | 
  4 | #ifndef __cplusplus
  5 | #include <stdbool.h>
  6 | #endif
  7 | 
  8 | #ifndef PLUG_IMPEXP
  9 | #ifdef BUILD_DBG
 10 | #define PLUG_IMPEXP __declspec(dllexport)
 11 | #else
 12 | #define PLUG_IMPEXP __declspec(dllimport)
 13 | #endif //BUILD_DBG
 14 | #endif //PLUG_IMPEXP
 15 | 
 16 | #include "_plugin_types.h"
 17 | 
 18 | //default structure alignments forced
 19 | #ifdef _WIN64
 20 | #pragma pack(push, 16)
 21 | #else //x86
 22 | #pragma pack(push, 8)
 23 | #endif //_WIN64
 24 | 
 25 | //defines
 26 | #define PLUG_SDKVERSION 1
 27 | 
 28 | #define PLUG_DB_LOADSAVE_DATA 1
 29 | #define PLUG_DB_LOADSAVE_ALL 2
 30 | 
 31 | //structures
 32 | typedef struct
 33 | {
 34 |     //provided by the debugger
 35 |     int pluginHandle;
 36 |     //provided by the pluginit function
 37 |     int sdkVersion;
 38 |     int pluginVersion;
 39 |     char pluginName[256];
 40 | } PLUG_INITSTRUCT;
 41 | 
 42 | typedef struct
 43 | {
 44 |     //provided by the debugger
 45 |     HWND hwndDlg; //gui window handle
 46 |     int hMenu; //plugin menu handle
 47 |     int hMenuDisasm; //plugin disasm menu handle
 48 |     int hMenuDump; //plugin dump menu handle
 49 |     int hMenuStack; //plugin stack menu handle
 50 |     int hMenuGraph; //plugin graph menu handle
 51 |     int hMenuMemmap; //plugin memory map menu handle
 52 |     int hMenuSymmod; //plugin symbol module menu handle
 53 | } PLUG_SETUPSTRUCT;
 54 | 
 55 | typedef struct
 56 | {
 57 |     void* data; //user data
 58 | } PLUG_SCRIPTSTRUCT;
 59 | 
 60 | //callback structures
 61 | typedef struct
 62 | {
 63 |     const char* szFileName;
 64 | } PLUG_CB_INITDEBUG;
 65 | 
 66 | typedef struct
 67 | {
 68 |     void* reserved;
 69 | } PLUG_CB_STOPDEBUG;
 70 | 
 71 | typedef struct
 72 | {
 73 |     CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo;
 74 |     IMAGEHLP_MODULE64* modInfo;
 75 |     const char* DebugFileName;
 76 |     PROCESS_INFORMATION* fdProcessInfo;
 77 | } PLUG_CB_CREATEPROCESS;
 78 | 
 79 | typedef struct
 80 | {
 81 |     EXIT_PROCESS_DEBUG_INFO* ExitProcess;
 82 | } PLUG_CB_EXITPROCESS;
 83 | 
 84 | typedef struct
 85 | {
 86 |     CREATE_THREAD_DEBUG_INFO* CreateThread;
 87 |     DWORD dwThreadId;
 88 | } PLUG_CB_CREATETHREAD;
 89 | 
 90 | typedef struct
 91 | {
 92 |     EXIT_THREAD_DEBUG_INFO* ExitThread;
 93 |     DWORD dwThreadId;
 94 | } PLUG_CB_EXITTHREAD;
 95 | 
 96 | typedef struct
 97 | {
 98 |     void* reserved;
 99 | } PLUG_CB_SYSTEMBREAKPOINT;
100 | 
101 | typedef struct
102 | {
103 |     LOAD_DLL_DEBUG_INFO* LoadDll;
104 |     IMAGEHLP_MODULE64* modInfo;
105 |     const char* modname;
106 | } PLUG_CB_LOADDLL;
107 | 
108 | typedef struct
109 | {
110 |     UNLOAD_DLL_DEBUG_INFO* UnloadDll;
111 | } PLUG_CB_UNLOADDLL;
112 | 
113 | typedef struct
114 | {
115 |     OUTPUT_DEBUG_STRING_INFO* DebugString;
116 | } PLUG_CB_OUTPUTDEBUGSTRING;
117 | 
118 | typedef struct
119 | {
120 |     EXCEPTION_DEBUG_INFO* Exception;
121 | } PLUG_CB_EXCEPTION;
122 | 
123 | typedef struct
124 | {
125 |     BRIDGEBP* breakpoint;
126 | } PLUG_CB_BREAKPOINT;
127 | 
128 | typedef struct
129 | {
130 |     void* reserved;
131 | } PLUG_CB_PAUSEDEBUG;
132 | 
133 | typedef struct
134 | {
135 |     void* reserved;
136 | } PLUG_CB_RESUMEDEBUG;
137 | 
138 | typedef struct
139 | {
140 |     void* reserved;
141 | } PLUG_CB_STEPPED;
142 | 
143 | typedef struct
144 | {
145 |     DWORD dwProcessId;
146 | } PLUG_CB_ATTACH;
147 | 
148 | typedef struct
149 | {
150 |     PROCESS_INFORMATION* fdProcessInfo;
151 | } PLUG_CB_DETACH;
152 | 
153 | typedef struct
154 | {
155 |     DEBUG_EVENT* DebugEvent;
156 | } PLUG_CB_DEBUGEVENT;
157 | 
158 | typedef struct
159 | {
160 |     int hEntry;
161 | } PLUG_CB_MENUENTRY;
162 | 
163 | typedef struct
164 | {
165 |     MSG* message;
166 |     long* result;
167 |     bool retval;
168 | } PLUG_CB_WINEVENT;
169 | 
170 | typedef struct
171 | {
172 |     MSG* message;
173 |     bool retval;
174 | } PLUG_CB_WINEVENTGLOBAL;
175 | 
176 | typedef struct
177 | {
178 |     json_t* root;
179 |     int loadSaveType;
180 | } PLUG_CB_LOADSAVEDB;
181 | 
182 | typedef struct
183 | {
184 |     const char* symbol;
185 |     bool retval;
186 | } PLUG_CB_FILTERSYMBOL;
187 | 
188 | typedef struct
189 | {
190 |     duint cip;
191 |     bool stop;
192 | } PLUG_CB_TRACEEXECUTE;
193 | 
194 | typedef struct
195 | {
196 |     int hWindow;
197 |     duint VA;
198 | } PLUG_CB_SELCHANGED;
199 | 
200 | typedef struct
201 | {
202 |     BridgeCFGraphList graph;
203 | } PLUG_CB_ANALYZE;
204 | 
205 | typedef struct
206 | {
207 |     duint addr;
208 |     BRIDGE_ADDRINFO* addrinfo;
209 |     bool retval;
210 | } PLUG_CB_ADDRINFO;
211 | 
212 | typedef struct
213 | {
214 |     const char* string;
215 |     duint value;
216 |     int* value_size;
217 |     bool* isvar;
218 |     bool* hexonly;
219 |     bool retval;
220 | } PLUG_CB_VALFROMSTRING;
221 | 
222 | typedef struct
223 | {
224 |     const char* string;
225 |     duint value;
226 |     bool retval;
227 | } PLUG_CB_VALTOSTRING;
228 | 
229 | typedef struct
230 | {
231 |     GUIMENUTYPE hMenu;
232 | } PLUG_CB_MENUPREPARE;
233 | 
234 | //enums
235 | typedef enum
236 | {
237 |     CB_INITDEBUG, //PLUG_CB_INITDEBUG
238 |     CB_STOPDEBUG, //PLUG_CB_STOPDEBUG
239 |     CB_CREATEPROCESS, //PLUG_CB_CREATEPROCESS
240 |     CB_EXITPROCESS, //PLUG_CB_EXITPROCESS
241 |     CB_CREATETHREAD, //PLUG_CB_CREATETHREAD
242 |     CB_EXITTHREAD, //PLUG_CB_EXITTHREAD
243 |     CB_SYSTEMBREAKPOINT, //PLUG_CB_SYSTEMBREAKPOINT
244 |     CB_LOADDLL, //PLUG_CB_LOADDLL
245 |     CB_UNLOADDLL, //PLUG_CB_UNLOADDLL
246 |     CB_OUTPUTDEBUGSTRING, //PLUG_CB_OUTPUTDEBUGSTRING
247 |     CB_EXCEPTION, //PLUG_CB_EXCEPTION
248 |     CB_BREAKPOINT, //PLUG_CB_BREAKPOINT
249 |     CB_PAUSEDEBUG, //PLUG_CB_PAUSEDEBUG
250 |     CB_RESUMEDEBUG, //PLUG_CB_RESUMEDEBUG
251 |     CB_STEPPED, //PLUG_CB_STEPPED
252 |     CB_ATTACH, //PLUG_CB_ATTACHED (before attaching, after CB_INITDEBUG)
253 |     CB_DETACH, //PLUG_CB_DETACH (before detaching, before CB_STOPDEBUG)
254 |     CB_DEBUGEVENT, //PLUG_CB_DEBUGEVENT (called on any debug event)
255 |     CB_MENUENTRY, //PLUG_CB_MENUENTRY
256 |     CB_WINEVENT, //PLUG_CB_WINEVENT
257 |     CB_WINEVENTGLOBAL, //PLUG_CB_WINEVENTGLOBAL
258 |     CB_LOADDB, //PLUG_CB_LOADSAVEDB
259 |     CB_SAVEDB, //PLUG_CB_LOADSAVEDB
260 |     CB_FILTERSYMBOL, //PLUG_CB_FILTERSYMBOL
261 |     CB_TRACEEXECUTE, //PLUG_CB_TRACEEXECUTE
262 |     CB_SELCHANGED, //PLUG_CB_SELCHANGED
263 |     CB_ANALYZE, //PLUG_CB_ANALYZE
264 |     CB_ADDRINFO, //PLUG_CB_ADDRINFO
265 |     CB_VALFROMSTRING, //PLUG_CB_VALFROMSTRING
266 |     CB_VALTOSTRING, //PLUG_CB_VALTOSTRING
267 |     CB_MENUPREPARE, //PLUG_CB_MENUPREPARE
268 |     CB_LAST
269 | } CBTYPE;
270 | 
271 | typedef enum
272 | {
273 |     FORMAT_ERROR, //generic failure (no message)
274 |     FORMAT_SUCCESS, //success
275 |     FORMAT_ERROR_MESSAGE, //formatting failed but an error was put in the buffer (there are always at least 511 characters available).
276 |     FORMAT_BUFFER_TOO_SMALL //buffer too small (x64dbg will retry until the buffer is big enough)
277 | } FORMATRESULT;
278 | 
279 | //typedefs
280 | typedef void (*CBPLUGIN)(CBTYPE cbType, void* callbackInfo);
281 | typedef bool (*CBPLUGINCOMMAND)(int argc, char** argv);
282 | typedef void (*CBPLUGINSCRIPT)();
283 | typedef duint(*CBPLUGINEXPRFUNCTION)(int argc, duint* argv, void* userdata);
284 | typedef FORMATRESULT(*CBPLUGINFORMATFUNCTION)(char* dest, size_t destCount, int argc, char* argv[], duint value, void* userdata);
285 | typedef bool (*CBPLUGINPREDICATE)(void* userdata);
286 | 
287 | //exports
288 | #ifdef __cplusplus
289 | extern "C"
290 | {
291 | #endif
292 | 
293 | PLUG_IMPEXP void _plugin_registercallback(int pluginHandle, CBTYPE cbType, CBPLUGIN cbPlugin);
294 | PLUG_IMPEXP bool _plugin_unregistercallback(int pluginHandle, CBTYPE cbType);
295 | PLUG_IMPEXP bool _plugin_registercommand(int pluginHandle, const char* command, CBPLUGINCOMMAND cbCommand, bool debugonly);
296 | PLUG_IMPEXP bool _plugin_unregistercommand(int pluginHandle, const char* command);
297 | PLUG_IMPEXP void _plugin_logprintf(const char* format, ...);
298 | PLUG_IMPEXP void _plugin_logputs(const char* text);
299 | PLUG_IMPEXP void _plugin_logprint(const char* text);
300 | PLUG_IMPEXP void _plugin_debugpause();
301 | PLUG_IMPEXP void _plugin_debugskipexceptions(bool skip);
302 | PLUG_IMPEXP int _plugin_menuadd(int hMenu, const char* title);
303 | PLUG_IMPEXP bool _plugin_menuaddentry(int hMenu, int hEntry, const char* title);
304 | PLUG_IMPEXP bool _plugin_menuaddseparator(int hMenu);
305 | PLUG_IMPEXP bool _plugin_menuclear(int hMenu);
306 | PLUG_IMPEXP void _plugin_menuseticon(int hMenu, const ICONDATA* icon);
307 | PLUG_IMPEXP void _plugin_menuentryseticon(int pluginHandle, int hEntry, const ICONDATA* icon);
308 | PLUG_IMPEXP void _plugin_menuentrysetchecked(int pluginHandle, int hEntry, bool checked);
309 | PLUG_IMPEXP void _plugin_menusetvisible(int pluginHandle, int hMenu, bool visible);
310 | PLUG_IMPEXP void _plugin_menuentrysetvisible(int pluginHandle, int hEntry, bool visible);
311 | PLUG_IMPEXP void _plugin_menusetname(int pluginHandle, int hMenu, const char* name);
312 | PLUG_IMPEXP void _plugin_menuentrysetname(int pluginHandle, int hEntry, const char* name);
313 | PLUG_IMPEXP void _plugin_menuentrysethotkey(int pluginHandle, int hEntry, const char* hotkey);
314 | PLUG_IMPEXP bool _plugin_menuremove(int hMenu);
315 | PLUG_IMPEXP bool _plugin_menuentryremove(int pluginHandle, int hEntry);
316 | PLUG_IMPEXP void _plugin_startscript(CBPLUGINSCRIPT cbScript);
317 | PLUG_IMPEXP bool _plugin_waituntilpaused();
318 | PLUG_IMPEXP bool _plugin_registerexprfunction(int pluginHandle, const char* name, int argc, CBPLUGINEXPRFUNCTION cbFunction, void* userdata);
319 | PLUG_IMPEXP bool _plugin_unregisterexprfunction(int pluginHandle, const char* name);
320 | PLUG_IMPEXP bool _plugin_unload(const char* pluginName);
321 | PLUG_IMPEXP bool _plugin_load(const char* pluginName);
322 | PLUG_IMPEXP duint _plugin_hash(const void* data, duint size);
323 | PLUG_IMPEXP bool _plugin_registerformatfunction(int pluginHandle, const char* type, CBPLUGINFORMATFUNCTION cbFunction, void* userdata);
324 | PLUG_IMPEXP bool _plugin_unregisterformatfunction(int pluginHandle, const char* type);
325 | 
326 | #ifdef __cplusplus
327 | }
328 | #endif
329 | 
330 | #pragma pack(pop)
331 | 
332 | #endif // _PLUGINS_H
333 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi.h:
--------------------------------------------------------------------------------
1 | #ifndef _SCRIPT_API_H
2 | #define _SCRIPT_API_H
3 | 
4 | #include "_plugins.h"
5 | 
6 | #define SCRIPT_EXPORT PLUG_IMPEXP
7 | 
8 | #endif //_SCRIPT_API_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_argument.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_ARGUMENT_H
 2 | #define _SCRIPTAPI_ARGUMENT_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Argument
 9 |     {
10 |         struct ArgumentInfo
11 |         {
12 |             char mod[MAX_MODULE_SIZE];
13 |             duint rvaStart;
14 |             duint rvaEnd;
15 |             bool manual;
16 |             duint instructioncount;
17 |         };
18 | 
19 |         SCRIPT_EXPORT bool Add(duint start, duint end, bool manual, duint instructionCount = 0);
20 |         SCRIPT_EXPORT bool Add(const ArgumentInfo* info);
21 |         SCRIPT_EXPORT bool Get(duint addr, duint* start = nullptr, duint* end = nullptr, duint* instructionCount = nullptr);
22 |         SCRIPT_EXPORT bool GetInfo(duint addr, ArgumentInfo* info);
23 |         SCRIPT_EXPORT bool Overlaps(duint start, duint end);
24 |         SCRIPT_EXPORT bool Delete(duint address);
25 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end, bool deleteManual = false);
26 |         SCRIPT_EXPORT void Clear();
27 |         SCRIPT_EXPORT bool GetList(ListOf(ArgumentInfo) list); //caller has the responsibility to free the list
28 |     }; //Argument
29 | }; //Script
30 | 
31 | #endif //_SCRIPTAPI_ARGUMENT_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_assembler.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_ASSEMBLER_H
 2 | #define _SCRIPTAPI_ASSEMBLER_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Assembler
 9 |     {
10 |         SCRIPT_EXPORT bool Assemble(duint addr, unsigned char* dest, int* size, const char* instruction); //dest[16]
11 |         SCRIPT_EXPORT bool AssembleEx(duint addr, unsigned char* dest, int* size, const char* instruction, char* error); //dest[16], error[MAX_ERROR_SIZE]
12 |         SCRIPT_EXPORT bool AssembleMem(duint addr, const char* instruction);
13 |         SCRIPT_EXPORT bool AssembleMemEx(duint addr, const char* instruction, int* size, char* error, bool fillnop); //error[MAX_ERROR_SIZE]
14 |     }; //Assembler
15 | }; //Script
16 | 
17 | #endif //_SCRIPTAPI_ASSEMBLER_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_bookmark.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_BOOKMARK_H
 2 | #define _SCRIPTAPI_BOOKMARK_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Bookmark
 9 |     {
10 |         struct BookmarkInfo
11 |         {
12 |             char mod[MAX_MODULE_SIZE];
13 |             duint rva;
14 |             bool manual;
15 |         };
16 | 
17 |         SCRIPT_EXPORT bool Set(duint addr, bool manual = false);
18 |         SCRIPT_EXPORT bool Set(const BookmarkInfo* info);
19 |         SCRIPT_EXPORT bool Get(duint addr);
20 |         SCRIPT_EXPORT bool GetInfo(duint addr, BookmarkInfo* info);
21 |         SCRIPT_EXPORT bool Delete(duint addr);
22 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end);
23 |         SCRIPT_EXPORT void Clear();
24 |         SCRIPT_EXPORT bool GetList(ListOf(BookmarkInfo) list); //caller has the responsibility to free the list
25 |     }; //Bookmark
26 | }; //Script
27 | 
28 | #endif //_SCRIPTAPI_BOOKMARK_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_comment.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_COMMENT_H
 2 | #define _SCRIPTAPI_COMMENT_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Comment
 9 |     {
10 |         struct CommentInfo
11 |         {
12 |             char mod[MAX_MODULE_SIZE];
13 |             duint rva;
14 |             char text[MAX_LABEL_SIZE];
15 |             bool manual;
16 |         };
17 | 
18 |         SCRIPT_EXPORT bool Set(duint addr, const char* text, bool manual = false);
19 |         SCRIPT_EXPORT bool Set(const CommentInfo* info);
20 |         SCRIPT_EXPORT bool Get(duint addr, char* text); //text[MAX_COMMENT_SIZE]
21 |         SCRIPT_EXPORT bool GetInfo(duint addr, CommentInfo* info);
22 |         SCRIPT_EXPORT bool Delete(duint addr);
23 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end);
24 |         SCRIPT_EXPORT void Clear();
25 |         SCRIPT_EXPORT bool GetList(ListOf(CommentInfo) list); //caller has the responsibility to free the list
26 |     }; //Comment
27 | }; //Script
28 | 
29 | #endif //_SCRIPTAPI_COMMENT_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_debug.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_DEBUG_H
 2 | #define _SCRIPTAPI_DEBUG_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Debug
 9 |     {
10 |         enum HardwareType
11 |         {
12 |             HardwareAccess,
13 |             HardwareWrite,
14 |             HardwareExecute
15 |         };
16 | 
17 |         SCRIPT_EXPORT void Wait();
18 |         SCRIPT_EXPORT void Run();
19 |         SCRIPT_EXPORT void Pause();
20 |         SCRIPT_EXPORT void Stop();
21 |         SCRIPT_EXPORT void StepIn();
22 |         SCRIPT_EXPORT void StepOver();
23 |         SCRIPT_EXPORT void StepOut();
24 |         SCRIPT_EXPORT bool SetBreakpoint(duint address);
25 |         SCRIPT_EXPORT bool DeleteBreakpoint(duint address);
26 |         SCRIPT_EXPORT bool DisableBreakpoint(duint address);
27 |         SCRIPT_EXPORT bool SetHardwareBreakpoint(duint address, HardwareType type = HardwareExecute);
28 |         SCRIPT_EXPORT bool DeleteHardwareBreakpoint(duint address);
29 |     }; //Debug
30 | }; //Script
31 | 
32 | #endif //_SCRIPTAPI_DEBUG_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_flag.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_FLAG_H
 2 | #define _SCRIPTAPI_FLAG_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Flag
 9 |     {
10 |         enum FlagEnum
11 |         {
12 |             ZF,
13 |             OF,
14 |             CF,
15 |             PF,
16 |             SF,
17 |             TF,
18 |             AF,
19 |             DF,
20 |             IF
21 |         };
22 | 
23 |         SCRIPT_EXPORT bool Get(FlagEnum flag);
24 |         SCRIPT_EXPORT bool Set(FlagEnum flag, bool value);
25 | 
26 |         SCRIPT_EXPORT bool GetZF();
27 |         SCRIPT_EXPORT bool SetZF(bool value);
28 |         SCRIPT_EXPORT bool GetOF();
29 |         SCRIPT_EXPORT bool SetOF(bool value);
30 |         SCRIPT_EXPORT bool GetCF();
31 |         SCRIPT_EXPORT bool SetCF(bool value);
32 |         SCRIPT_EXPORT bool GetPF();
33 |         SCRIPT_EXPORT bool SetPF(bool value);
34 |         SCRIPT_EXPORT bool GetSF();
35 |         SCRIPT_EXPORT bool SetSF(bool value);
36 |         SCRIPT_EXPORT bool GetTF();
37 |         SCRIPT_EXPORT bool SetTF(bool value);
38 |         SCRIPT_EXPORT bool GetAF();
39 |         SCRIPT_EXPORT bool SetAF(bool value);
40 |         SCRIPT_EXPORT bool GetDF();
41 |         SCRIPT_EXPORT bool SetDF(bool value);
42 |         SCRIPT_EXPORT bool GetIF();
43 |         SCRIPT_EXPORT bool SetIF(bool value);
44 |     };
45 | };
46 | 
47 | #endif //_SCRIPTAPI_FLAG_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_function.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_FUNCTION_H
 2 | #define _SCRIPTAPI_FUNCTION_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Function
 9 |     {
10 |         struct FunctionInfo
11 |         {
12 |             char mod[MAX_MODULE_SIZE];
13 |             duint rvaStart;
14 |             duint rvaEnd;
15 |             bool manual;
16 |             duint instructioncount;
17 |         };
18 | 
19 |         SCRIPT_EXPORT bool Add(duint start, duint end, bool manual, duint instructionCount = 0);
20 |         SCRIPT_EXPORT bool Add(const FunctionInfo* info);
21 |         SCRIPT_EXPORT bool Get(duint addr, duint* start = nullptr, duint* end = nullptr, duint* instructionCount = nullptr);
22 |         SCRIPT_EXPORT bool GetInfo(duint addr, FunctionInfo* info);
23 |         SCRIPT_EXPORT bool Overlaps(duint start, duint end);
24 |         SCRIPT_EXPORT bool Delete(duint address);
25 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end, bool deleteManual);
26 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end);
27 |         SCRIPT_EXPORT void Clear();
28 |         SCRIPT_EXPORT bool GetList(ListOf(FunctionInfo) list); //caller has the responsibility to free the list
29 |     }; //Function
30 | }; //Script
31 | 
32 | #endif //_SCRIPTAPI_FUNCTION_H
33 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_gui.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_GUI_H
 2 | #define _SCRIPTAPI_GUI_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Gui
 9 |     {
10 |         namespace Disassembly
11 |         {
12 |             SCRIPT_EXPORT bool SelectionGet(duint* start, duint* end);
13 |             SCRIPT_EXPORT bool SelectionSet(duint start, duint end);
14 |             SCRIPT_EXPORT duint SelectionGetStart();
15 |             SCRIPT_EXPORT duint SelectionGetEnd();
16 |         }; //Disassembly
17 | 
18 |         namespace Dump
19 |         {
20 |             SCRIPT_EXPORT bool SelectionGet(duint* start, duint* end);
21 |             SCRIPT_EXPORT bool SelectionSet(duint start, duint end);
22 |             SCRIPT_EXPORT duint SelectionGetStart();
23 |             SCRIPT_EXPORT duint SelectionGetEnd();
24 |         }; //Dump
25 | 
26 |         namespace Stack
27 |         {
28 |             SCRIPT_EXPORT bool SelectionGet(duint* start, duint* end);
29 |             SCRIPT_EXPORT bool SelectionSet(duint start, duint end);
30 |             SCRIPT_EXPORT duint SelectionGetStart();
31 |             SCRIPT_EXPORT duint SelectionGetEnd();
32 |         }; //Stack
33 | 
34 |         namespace Graph
35 |         {
36 |             SCRIPT_EXPORT duint SelectionGetStart();
37 |         }; //Graph
38 | 
39 |         namespace MemMap
40 |         {
41 |             SCRIPT_EXPORT duint SelectionGetStart();
42 |         }; //MemoryMap
43 | 
44 |         namespace SymMod
45 |         {
46 |             SCRIPT_EXPORT duint SelectionGetStart();
47 |         }; //SymMod
48 |     }; //Gui
49 | 
50 |     namespace Gui
51 |     {
52 |         enum Window
53 |         {
54 |             DisassemblyWindow,
55 |             DumpWindow,
56 |             StackWindow,
57 |             GraphWindow,
58 |             MemMapWindow,
59 |             SymModWindow
60 |         };
61 | 
62 |         SCRIPT_EXPORT bool SelectionGet(Window window, duint* start, duint* end);
63 |         SCRIPT_EXPORT bool SelectionSet(Window window, duint start, duint end);
64 |         SCRIPT_EXPORT duint SelectionGetStart(Window window);
65 |         SCRIPT_EXPORT duint SelectionGetEnd(Window window);
66 |         SCRIPT_EXPORT void Message(const char* message);
67 |         SCRIPT_EXPORT bool MessageYesNo(const char* message);
68 |         SCRIPT_EXPORT bool InputLine(const char* title, char* text); //text[GUI_MAX_LINE_SIZE]
69 |         SCRIPT_EXPORT bool InputValue(const char* title, duint* value);
70 |         SCRIPT_EXPORT void Refresh();
71 |         SCRIPT_EXPORT void AddQWidgetTab(void* qWidget);
72 |         SCRIPT_EXPORT void ShowQWidgetTab(void* qWidget);
73 |         SCRIPT_EXPORT void CloseQWidgetTab(void* qWidget);
74 | 
75 |     }; //Gui
76 | }; //Script
77 | 
78 | #endif //_SCRIPTAPI_GUI_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_label.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_LABEL_H
 2 | #define _SCRIPTAPI_LABEL_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Label
 9 |     {
10 |         struct LabelInfo
11 |         {
12 |             char mod[MAX_MODULE_SIZE];
13 |             duint rva;
14 |             char text[MAX_LABEL_SIZE];
15 |             bool manual;
16 |         };
17 | 
18 |         SCRIPT_EXPORT bool Set(duint addr, const char* text, bool manual = false);
19 |         SCRIPT_EXPORT bool Set(const LabelInfo* info);
20 |         SCRIPT_EXPORT bool FromString(const char* label, duint* addr);
21 |         SCRIPT_EXPORT bool Get(duint addr, char* text); //text[MAX_LABEL_SIZE]
22 |         SCRIPT_EXPORT bool GetInfo(duint addr, LabelInfo* info);
23 |         SCRIPT_EXPORT bool Delete(duint addr);
24 |         SCRIPT_EXPORT void DeleteRange(duint start, duint end);
25 |         SCRIPT_EXPORT void Clear();
26 |         SCRIPT_EXPORT bool GetList(ListOf(LabelInfo) list); //caller has the responsibility to free the list
27 |     }; //Label
28 | }; //Script
29 | 
30 | #endif //_SCRIPTAPI_LABEL_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_memory.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_MEMORY_H
 2 | #define _SCRIPTAPI_MEMORY_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Memory
 9 |     {
10 |         SCRIPT_EXPORT bool Read(duint addr, void* data, duint size, duint* sizeRead);
11 |         SCRIPT_EXPORT bool Write(duint addr, const void* data, duint size, duint* sizeWritten);
12 |         SCRIPT_EXPORT bool IsValidPtr(duint addr);
13 |         SCRIPT_EXPORT duint RemoteAlloc(duint addr, duint size);
14 |         SCRIPT_EXPORT bool RemoteFree(duint addr);
15 |         SCRIPT_EXPORT unsigned int GetProtect(duint addr, bool reserved = false, bool cache = true);
16 |         SCRIPT_EXPORT duint GetBase(duint addr, bool reserved = false, bool cache = true);
17 |         SCRIPT_EXPORT duint GetSize(duint addr, bool reserved = false, bool cache = true);
18 | 
19 |         SCRIPT_EXPORT unsigned char ReadByte(duint addr);
20 |         SCRIPT_EXPORT bool WriteByte(duint addr, unsigned char data);
21 |         SCRIPT_EXPORT unsigned short ReadWord(duint addr);
22 |         SCRIPT_EXPORT bool WriteWord(duint addr, unsigned short data);
23 |         SCRIPT_EXPORT unsigned int ReadDword(duint addr);
24 |         SCRIPT_EXPORT bool WriteDword(duint addr, unsigned int data);
25 |         SCRIPT_EXPORT unsigned long long ReadQword(duint addr);
26 |         SCRIPT_EXPORT bool WriteQword(duint addr, unsigned long long data);
27 |         SCRIPT_EXPORT duint ReadPtr(duint addr);
28 |         SCRIPT_EXPORT bool WritePtr(duint addr, duint data);
29 |     }; //Memory
30 | }; //Script
31 | 
32 | #endif //_SCRIPTAPI_MEMORY_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_misc.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_MISC_H
 2 | #define _SCRIPTAPI_MISC_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Misc
 9 |     {
10 |         /// <summary>
11 |         /// Evaluates an expression and returns the result. Analagous to using the Command field in x64dbg.
12 |         ///
13 |         /// Expressions can consist of memory locations, registers, flags, API names, labels, symbols, variables etc.
14 |         ///
15 |         /// Example: bool success = ParseExpression("[esp+8]", &val)
16 |         /// </summary>
17 |         /// <param name="expression">The expression to evaluate.</param>
18 |         /// <param name="value">The result of the expression.</param>
19 |         /// <returns>True on success, False on failure.</returns>
20 |         SCRIPT_EXPORT bool ParseExpression(const char* expression, duint* value);
21 | 
22 |         /// <summary>
23 |         /// Returns the address of a function in the debuggee's memory space.
24 |         ///
25 |         /// Example: duint addr = RemoteGetProcAddress("kernel32.dll", "GetProcAddress")
26 |         /// </summary>
27 |         /// <param name="module">The name of the module.</param>
28 |         /// <param name="api">The name of the function.</param>
29 |         /// <returns>The address of the function in the debuggee.</returns>
30 |         SCRIPT_EXPORT duint RemoteGetProcAddress(const char* module, const char* api);
31 | 
32 |         /// <summary>
33 |         /// Returns the address for a label created in the disassembly window.
34 |         ///
35 |         /// Example: duint addr = ResolveLabel("sneaky_crypto")
36 |         /// </summary>
37 |         /// <param name="label">The name of the label to resolve.</param>
38 |         /// <returns>The memory address for the label.</returns>
39 |         SCRIPT_EXPORT duint ResolveLabel(const char* label);
40 | 
41 |         /// <summary>
42 |         /// Allocates the requested number of bytes from x64dbg's default process heap.
43 |         ///
44 |         /// Note: this allocation is in the debugger, not the debuggee.
45 |         ///
46 |         /// Memory allocated using this function should be Free'd after use.
47 |         ///
48 |         /// Example: void* addr = Alloc(0x100000)
49 |         /// </summary>
50 |         /// <param name="size">Number of bytes to allocate.</param>
51 |         /// <returns>A pointer to the newly allocated memory.</returns>
52 |         SCRIPT_EXPORT void* Alloc(duint size);
53 | 
54 |         /// <summary>
55 |         /// Frees memory previously allocated by Alloc.
56 |         ///
57 |         /// Example: Free(addr)
58 |         /// </summary>
59 |         /// <param name="ptr">Pointer returned by Alloc.</param>
60 |         /// <returns>Nothing.</returns>
61 |         SCRIPT_EXPORT void Free(void* ptr);
62 |     }; //Misc
63 | }; //Script
64 | 
65 | #endif //_SCRIPTAPI_MISC_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_module.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_MODULE_H
 2 | #define _SCRIPTAPI_MODULE_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Module
 9 |     {
10 |         struct ModuleInfo
11 |         {
12 |             duint base;
13 |             duint size;
14 |             duint entry;
15 |             int sectionCount;
16 |             char name[MAX_MODULE_SIZE];
17 |             char path[MAX_PATH];
18 |         };
19 | 
20 |         struct ModuleSectionInfo
21 |         {
22 |             duint addr;
23 |             duint size;
24 |             char name[MAX_SECTION_SIZE * 5];
25 |         };
26 | 
27 |         struct ModuleExport
28 |         {
29 |             duint ordinal;
30 |             duint rva;
31 |             duint va;
32 |             bool forwarded;
33 |             char forwardName[MAX_STRING_SIZE];
34 |             char name[MAX_STRING_SIZE];
35 |             char undecoratedName[MAX_STRING_SIZE];
36 |         };
37 | 
38 |         struct ModuleImport
39 |         {
40 |             duint iatRva;
41 |             duint iatVa;
42 |             duint ordinal; //equal to -1 if imported by name
43 |             char name[MAX_STRING_SIZE];
44 |             char undecoratedName[MAX_STRING_SIZE];
45 |         };
46 | 
47 |         SCRIPT_EXPORT bool InfoFromAddr(duint addr, ModuleInfo* info);
48 |         SCRIPT_EXPORT bool InfoFromName(const char* name, ModuleInfo* info);
49 |         SCRIPT_EXPORT duint BaseFromAddr(duint addr);
50 |         SCRIPT_EXPORT duint BaseFromName(const char* name);
51 |         SCRIPT_EXPORT duint SizeFromAddr(duint addr);
52 |         SCRIPT_EXPORT duint SizeFromName(const char* name);
53 |         SCRIPT_EXPORT bool NameFromAddr(duint addr, char* name); //name[MAX_MODULE_SIZE]
54 |         SCRIPT_EXPORT bool PathFromAddr(duint addr, char* path); //path[MAX_PATH]
55 |         SCRIPT_EXPORT bool PathFromName(const char* name, char* path); //path[MAX_PATH]
56 |         SCRIPT_EXPORT duint EntryFromAddr(duint addr);
57 |         SCRIPT_EXPORT duint EntryFromName(const char* name);
58 |         SCRIPT_EXPORT int SectionCountFromAddr(duint addr);
59 |         SCRIPT_EXPORT int SectionCountFromName(const char* name);
60 |         SCRIPT_EXPORT bool SectionFromAddr(duint addr, int number, ModuleSectionInfo* section);
61 |         SCRIPT_EXPORT bool SectionFromName(const char* name, int number, ModuleSectionInfo* section);
62 |         SCRIPT_EXPORT bool SectionListFromAddr(duint addr, ListOf(ModuleSectionInfo) list);
63 |         SCRIPT_EXPORT bool SectionListFromName(const char* name, ListOf(ModuleSectionInfo) list);
64 |         SCRIPT_EXPORT bool GetMainModuleInfo(ModuleInfo* info);
65 |         SCRIPT_EXPORT duint GetMainModuleBase();
66 |         SCRIPT_EXPORT duint GetMainModuleSize();
67 |         SCRIPT_EXPORT duint GetMainModuleEntry();
68 |         SCRIPT_EXPORT int GetMainModuleSectionCount();
69 |         SCRIPT_EXPORT bool GetMainModuleName(char* name); //name[MAX_MODULE_SIZE]
70 |         SCRIPT_EXPORT bool GetMainModulePath(char* path); //path[MAX_PATH]
71 |         SCRIPT_EXPORT bool GetMainModuleSectionList(ListOf(ModuleSectionInfo) list); //caller has the responsibility to free the list
72 |         SCRIPT_EXPORT bool GetList(ListOf(ModuleInfo) list); //caller has the responsibility to free the list
73 |         SCRIPT_EXPORT bool GetExports(const ModuleInfo* mod, ListOf(ModuleExport) list); //caller has the responsibility to free the list
74 |         SCRIPT_EXPORT bool GetImports(const ModuleInfo* mod, ListOf(ModuleImport) list); //caller has the responsibility to free the list
75 |     }; //Module
76 | }; //Script
77 | 
78 | #endif //_SCRIPTAPI_MODULE_H
79 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_pattern.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_PATTERN_H
 2 | #define _SCRIPTAPI_PATTERN_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Pattern
 9 |     {
10 |         SCRIPT_EXPORT duint Find(unsigned char* data, duint datasize, const char* pattern);
11 |         SCRIPT_EXPORT duint FindMem(duint start, duint size, const char* pattern);
12 |         SCRIPT_EXPORT void Write(unsigned char* data, duint datasize, const char* pattern);
13 |         SCRIPT_EXPORT void WriteMem(duint start, duint size, const char* pattern);
14 |         SCRIPT_EXPORT bool SearchAndReplace(unsigned char* data, duint datasize, const char* searchpattern, const char* replacepattern);
15 |         SCRIPT_EXPORT bool SearchAndReplaceMem(duint start, duint size, const char* searchpattern, const char* replacepattern);
16 |     };
17 | };
18 | 
19 | #endif //_SCRIPTAPI_FIND_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_register.h:
--------------------------------------------------------------------------------
  1 | #ifndef _SCRIPTAPI_REGISTER_H
  2 | #define _SCRIPTAPI_REGISTER_H
  3 | 
  4 | #include "_scriptapi.h"
  5 | 
  6 | namespace Script
  7 | {
  8 |     namespace Register
  9 |     {
 10 |         enum RegisterEnum
 11 |         {
 12 |             DR0,
 13 |             DR1,
 14 |             DR2,
 15 |             DR3,
 16 |             DR6,
 17 |             DR7,
 18 | 
 19 |             EAX,
 20 |             AX,
 21 |             AH,
 22 |             AL,
 23 |             EBX,
 24 |             BX,
 25 |             BH,
 26 |             BL,
 27 |             ECX,
 28 |             CX,
 29 |             CH,
 30 |             CL,
 31 |             EDX,
 32 |             DX,
 33 |             DH,
 34 |             DL,
 35 |             EDI,
 36 |             DI,
 37 |             ESI,
 38 |             SI,
 39 |             EBP,
 40 |             BP,
 41 |             ESP,
 42 |             SP,
 43 |             EIP,
 44 | 
 45 | #ifdef _WIN64
 46 |             RAX,
 47 |             RBX,
 48 |             RCX,
 49 |             RDX,
 50 |             RSI,
 51 |             SIL,
 52 |             RDI,
 53 |             DIL,
 54 |             RBP,
 55 |             BPL,
 56 |             RSP,
 57 |             SPL,
 58 |             RIP,
 59 |             R8,
 60 |             R8D,
 61 |             R8W,
 62 |             R8B,
 63 |             R9,
 64 |             R9D,
 65 |             R9W,
 66 |             R9B,
 67 |             R10,
 68 |             R10D,
 69 |             R10W,
 70 |             R10B,
 71 |             R11,
 72 |             R11D,
 73 |             R11W,
 74 |             R11B,
 75 |             R12,
 76 |             R12D,
 77 |             R12W,
 78 |             R12B,
 79 |             R13,
 80 |             R13D,
 81 |             R13W,
 82 |             R13B,
 83 |             R14,
 84 |             R14D,
 85 |             R14W,
 86 |             R14B,
 87 |             R15,
 88 |             R15D,
 89 |             R15W,
 90 |             R15B,
 91 | #endif //_WIN64
 92 | 
 93 |             CIP,
 94 |             CSP,
 95 |             CAX,
 96 |             CBX,
 97 |             CCX,
 98 |             CDX,
 99 |             CDI,
100 |             CSI,
101 |             CBP,
102 |             CFLAGS
103 |         }; //RegisterEnum
104 | 
105 |         SCRIPT_EXPORT duint Get(RegisterEnum reg);
106 |         SCRIPT_EXPORT bool Set(RegisterEnum reg, duint value);
107 |         SCRIPT_EXPORT int Size(); //gets architecture register size in bytes
108 | 
109 |         SCRIPT_EXPORT duint GetDR0();
110 |         SCRIPT_EXPORT bool SetDR0(duint value);
111 |         SCRIPT_EXPORT duint GetDR1();
112 |         SCRIPT_EXPORT bool SetDR1(duint value);
113 |         SCRIPT_EXPORT duint GetDR2();
114 |         SCRIPT_EXPORT bool SetDR2(duint value);
115 |         SCRIPT_EXPORT duint GetDR3();
116 |         SCRIPT_EXPORT bool SetDR3(duint value);
117 |         SCRIPT_EXPORT duint GetDR6();
118 |         SCRIPT_EXPORT bool SetDR6(duint value);
119 |         SCRIPT_EXPORT duint GetDR7();
120 |         SCRIPT_EXPORT bool SetDR7(duint value);
121 | 
122 |         SCRIPT_EXPORT unsigned int GetEAX();
123 |         SCRIPT_EXPORT bool SetEAX(unsigned int value);
124 |         SCRIPT_EXPORT unsigned short GetAX();
125 |         SCRIPT_EXPORT bool SetAX(unsigned short value);
126 |         SCRIPT_EXPORT unsigned char GetAH();
127 |         SCRIPT_EXPORT bool SetAH(unsigned char value);
128 |         SCRIPT_EXPORT unsigned char GetAL();
129 |         SCRIPT_EXPORT bool SetAL(unsigned char value);
130 |         SCRIPT_EXPORT unsigned int GetEBX();
131 |         SCRIPT_EXPORT bool SetEBX(unsigned int value);
132 |         SCRIPT_EXPORT unsigned short GetBX();
133 |         SCRIPT_EXPORT bool SetBX(unsigned short value);
134 |         SCRIPT_EXPORT unsigned char GetBH();
135 |         SCRIPT_EXPORT bool SetBH(unsigned char value);
136 |         SCRIPT_EXPORT unsigned char GetBL();
137 |         SCRIPT_EXPORT bool SetBL(unsigned char value);
138 |         SCRIPT_EXPORT unsigned int GetECX();
139 |         SCRIPT_EXPORT bool SetECX(unsigned int value);
140 |         SCRIPT_EXPORT unsigned short GetCX();
141 |         SCRIPT_EXPORT bool SetCX(unsigned short value);
142 |         SCRIPT_EXPORT unsigned char GetCH();
143 |         SCRIPT_EXPORT bool SetCH(unsigned char value);
144 |         SCRIPT_EXPORT unsigned char GetCL();
145 |         SCRIPT_EXPORT bool SetCL(unsigned char value);
146 |         SCRIPT_EXPORT unsigned int GetEDX();
147 |         SCRIPT_EXPORT bool SetEDX(unsigned int value);
148 |         SCRIPT_EXPORT unsigned short GetDX();
149 |         SCRIPT_EXPORT bool SetDX(unsigned short value);
150 |         SCRIPT_EXPORT unsigned char GetDH();
151 |         SCRIPT_EXPORT bool SetDH(unsigned char value);
152 |         SCRIPT_EXPORT unsigned char GetDL();
153 |         SCRIPT_EXPORT bool SetDL(unsigned char value);
154 |         SCRIPT_EXPORT unsigned int GetEDI();
155 |         SCRIPT_EXPORT bool SetEDI(unsigned int value);
156 |         SCRIPT_EXPORT unsigned short GetDI();
157 |         SCRIPT_EXPORT bool SetDI(unsigned short value);
158 |         SCRIPT_EXPORT unsigned int GetESI();
159 |         SCRIPT_EXPORT bool SetESI(unsigned int value);
160 |         SCRIPT_EXPORT unsigned short GetSI();
161 |         SCRIPT_EXPORT bool SetSI(unsigned short value);
162 |         SCRIPT_EXPORT unsigned int GetEBP();
163 |         SCRIPT_EXPORT bool SetEBP(unsigned int value);
164 |         SCRIPT_EXPORT unsigned short GetBP();
165 |         SCRIPT_EXPORT bool SetBP(unsigned short value);
166 |         SCRIPT_EXPORT unsigned int GetESP();
167 |         SCRIPT_EXPORT bool SetESP(unsigned int value);
168 |         SCRIPT_EXPORT unsigned short GetSP();
169 |         SCRIPT_EXPORT bool SetSP(unsigned short value);
170 |         SCRIPT_EXPORT unsigned int GetEIP();
171 |         SCRIPT_EXPORT bool SetEIP(unsigned int value);
172 | 
173 | #ifdef _WIN64
174 |         SCRIPT_EXPORT unsigned long long GetRAX();
175 |         SCRIPT_EXPORT bool SetRAX(unsigned long long value);
176 |         SCRIPT_EXPORT unsigned long long GetRBX();
177 |         SCRIPT_EXPORT bool SetRBX(unsigned long long value);
178 |         SCRIPT_EXPORT unsigned long long GetRCX();
179 |         SCRIPT_EXPORT bool SetRCX(unsigned long long value);
180 |         SCRIPT_EXPORT unsigned long long GetRDX();
181 |         SCRIPT_EXPORT bool SetRDX(unsigned long long value);
182 |         SCRIPT_EXPORT unsigned long long GetRSI();
183 |         SCRIPT_EXPORT bool SetRSI(unsigned long long value);
184 |         SCRIPT_EXPORT unsigned char GetSIL();
185 |         SCRIPT_EXPORT bool SetSIL(unsigned char value);
186 |         SCRIPT_EXPORT unsigned long long GetRDI();
187 |         SCRIPT_EXPORT bool SetRDI(unsigned long long value);
188 |         SCRIPT_EXPORT unsigned char GetDIL();
189 |         SCRIPT_EXPORT bool SetDIL(unsigned char value);
190 |         SCRIPT_EXPORT unsigned long long GetRBP();
191 |         SCRIPT_EXPORT bool SetRBP(unsigned long long value);
192 |         SCRIPT_EXPORT unsigned char GetBPL();
193 |         SCRIPT_EXPORT bool SetBPL(unsigned char value);
194 |         SCRIPT_EXPORT unsigned long long GetRSP();
195 |         SCRIPT_EXPORT bool SetRSP(unsigned long long value);
196 |         SCRIPT_EXPORT unsigned char GetSPL();
197 |         SCRIPT_EXPORT bool SetSPL(unsigned char value);
198 |         SCRIPT_EXPORT unsigned long long GetRIP();
199 |         SCRIPT_EXPORT bool SetRIP(unsigned long long value);
200 |         SCRIPT_EXPORT unsigned long long GetR8();
201 |         SCRIPT_EXPORT bool SetR8(unsigned long long value);
202 |         SCRIPT_EXPORT unsigned int GetR8D();
203 |         SCRIPT_EXPORT bool SetR8D(unsigned int value);
204 |         SCRIPT_EXPORT unsigned short GetR8W();
205 |         SCRIPT_EXPORT bool SetR8W(unsigned short value);
206 |         SCRIPT_EXPORT unsigned char GetR8B();
207 |         SCRIPT_EXPORT bool SetR8B(unsigned char value);
208 |         SCRIPT_EXPORT unsigned long long GetR9();
209 |         SCRIPT_EXPORT bool SetR9(unsigned long long value);
210 |         SCRIPT_EXPORT unsigned int GetR9D();
211 |         SCRIPT_EXPORT bool SetR9D(unsigned int value);
212 |         SCRIPT_EXPORT unsigned short GetR9W();
213 |         SCRIPT_EXPORT bool SetR9W(unsigned short value);
214 |         SCRIPT_EXPORT unsigned char GetR9B();
215 |         SCRIPT_EXPORT bool SetR9B(unsigned char value);
216 |         SCRIPT_EXPORT unsigned long long GetR10();
217 |         SCRIPT_EXPORT bool SetR10(unsigned long long value);
218 |         SCRIPT_EXPORT unsigned int GetR10D();
219 |         SCRIPT_EXPORT bool SetR10D(unsigned int value);
220 |         SCRIPT_EXPORT unsigned short GetR10W();
221 |         SCRIPT_EXPORT bool SetR10W(unsigned short value);
222 |         SCRIPT_EXPORT unsigned char GetR10B();
223 |         SCRIPT_EXPORT bool SetR10B(unsigned char value);
224 |         SCRIPT_EXPORT unsigned long long GetR11();
225 |         SCRIPT_EXPORT bool SetR11(unsigned long long value);
226 |         SCRIPT_EXPORT unsigned int GetR11D();
227 |         SCRIPT_EXPORT bool SetR11D(unsigned int value);
228 |         SCRIPT_EXPORT unsigned short GetR11W();
229 |         SCRIPT_EXPORT bool SetR11W(unsigned short value);
230 |         SCRIPT_EXPORT unsigned char GetR11B();
231 |         SCRIPT_EXPORT bool SetR11B(unsigned char value);
232 |         SCRIPT_EXPORT unsigned long long GetR12();
233 |         SCRIPT_EXPORT bool SetR12(unsigned long long value);
234 |         SCRIPT_EXPORT unsigned int GetR12D();
235 |         SCRIPT_EXPORT bool SetR12D(unsigned int value);
236 |         SCRIPT_EXPORT unsigned short GetR12W();
237 |         SCRIPT_EXPORT bool SetR12W(unsigned short value);
238 |         SCRIPT_EXPORT unsigned char GetR12B();
239 |         SCRIPT_EXPORT bool SetR12B(unsigned char value);
240 |         SCRIPT_EXPORT unsigned long long GetR13();
241 |         SCRIPT_EXPORT bool SetR13(unsigned long long value);
242 |         SCRIPT_EXPORT unsigned int GetR13D();
243 |         SCRIPT_EXPORT bool SetR13D(unsigned int value);
244 |         SCRIPT_EXPORT unsigned short GetR13W();
245 |         SCRIPT_EXPORT bool SetR13W(unsigned short value);
246 |         SCRIPT_EXPORT unsigned char GetR13B();
247 |         SCRIPT_EXPORT bool SetR13B(unsigned char value);
248 |         SCRIPT_EXPORT unsigned long long GetR14();
249 |         SCRIPT_EXPORT bool SetR14(unsigned long long value);
250 |         SCRIPT_EXPORT unsigned int GetR14D();
251 |         SCRIPT_EXPORT bool SetR14D(unsigned int value);
252 |         SCRIPT_EXPORT unsigned short GetR14W();
253 |         SCRIPT_EXPORT bool SetR14W(unsigned short value);
254 |         SCRIPT_EXPORT unsigned char GetR14B();
255 |         SCRIPT_EXPORT bool SetR14B(unsigned char value);
256 |         SCRIPT_EXPORT unsigned long long GetR15();
257 |         SCRIPT_EXPORT bool SetR15(unsigned long long value);
258 |         SCRIPT_EXPORT unsigned int GetR15D();
259 |         SCRIPT_EXPORT bool SetR15D(unsigned int value);
260 |         SCRIPT_EXPORT unsigned short GetR15W();
261 |         SCRIPT_EXPORT bool SetR15W(unsigned short value);
262 |         SCRIPT_EXPORT unsigned char GetR15B();
263 |         SCRIPT_EXPORT bool SetR15B(unsigned char value);
264 | #endif //_WIN64
265 | 
266 |         SCRIPT_EXPORT duint GetCAX();
267 |         SCRIPT_EXPORT bool SetCAX(duint value);
268 |         SCRIPT_EXPORT duint GetCBX();
269 |         SCRIPT_EXPORT bool SetCBX(duint value);
270 |         SCRIPT_EXPORT duint GetCCX();
271 |         SCRIPT_EXPORT bool SetCCX(duint value);
272 |         SCRIPT_EXPORT duint GetCDX();
273 |         SCRIPT_EXPORT bool SetCDX(duint value);
274 |         SCRIPT_EXPORT duint GetCDI();
275 |         SCRIPT_EXPORT bool SetCDI(duint value);
276 |         SCRIPT_EXPORT duint GetCSI();
277 |         SCRIPT_EXPORT bool SetCSI(duint value);
278 |         SCRIPT_EXPORT duint GetCBP();
279 |         SCRIPT_EXPORT bool SetCBP(duint value);
280 |         SCRIPT_EXPORT duint GetCSP();
281 |         SCRIPT_EXPORT bool SetCSP(duint value);
282 |         SCRIPT_EXPORT duint GetCIP();
283 |         SCRIPT_EXPORT bool SetCIP(duint value);
284 |         SCRIPT_EXPORT duint GetCFLAGS();
285 |         SCRIPT_EXPORT bool SetCFLAGS(duint value);
286 |     }; //Register
287 | }; //Script
288 | 
289 | #endif //_SCRIPTAPI_REGISTER_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_stack.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_STACK_H
 2 | #define _SCRIPTAPI_STACK_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Stack
 9 |     {
10 |         SCRIPT_EXPORT duint Pop();
11 |         SCRIPT_EXPORT duint Push(duint value); //returns the previous top, equal to Peek(1)
12 |         SCRIPT_EXPORT duint Peek(int offset = 0); //offset is in multiples of Register::Size(), for easy x32/x64 portability
13 |     }; //Stack
14 | }; //Script
15 | 
16 | #endif //_SCRIPTAPI_STACK_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/_scriptapi_symbol.h:
--------------------------------------------------------------------------------
 1 | #ifndef _SCRIPTAPI_SYMBOL_H
 2 | #define _SCRIPTAPI_SYMBOL_H
 3 | 
 4 | #include "_scriptapi.h"
 5 | 
 6 | namespace Script
 7 | {
 8 |     namespace Symbol
 9 |     {
10 |         enum SymbolType
11 |         {
12 |             Function, //user-defined function
13 |             Import, //IAT entry
14 |             Export //export
15 |         };
16 | 
17 |         struct SymbolInfo
18 |         {
19 |             char mod[MAX_MODULE_SIZE];
20 |             duint rva;
21 |             char name[MAX_LABEL_SIZE];
22 |             bool manual;
23 |             SymbolType type;
24 |         };
25 | 
26 |         SCRIPT_EXPORT bool GetList(ListOf(SymbolInfo) list); //caller has the responsibility to free the list
27 |     }; //Symbol
28 | }; //Script
29 | 
30 | #endif //_SCRIPTAPI_SYMBOL_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/bridgegraph.h:
--------------------------------------------------------------------------------
  1 | #ifndef _GRAPH_H
  2 | #define _GRAPH_H
  3 | 
  4 | typedef struct
  5 | {
  6 |     duint addr; //virtual address of the instruction
  7 |     unsigned char data[15]; //instruction bytes
  8 | } BridgeCFInstruction;
  9 | 
 10 | typedef struct
 11 | {
 12 |     duint parentGraph; //function of which this node is a part
 13 |     duint start; //start of the block
 14 |     duint end; //end of the block (inclusive)
 15 |     duint brtrue; //destination if condition is true
 16 |     duint brfalse; //destination if condition is false
 17 |     duint icount; //number of instructions in node
 18 |     bool terminal; //node is a RET
 19 |     bool split; //node is a split (brtrue points to the next node)
 20 |     bool indirectcall; //node contains indirect calls (call reg, call [reg+X])
 21 |     void* userdata; //user data
 22 |     ListInfo exits; //exits (including brtrue and brfalse, duint)
 23 |     ListInfo instrs; //block instructions
 24 | } BridgeCFNodeList;
 25 | 
 26 | typedef struct
 27 | {
 28 |     duint entryPoint; //graph entry point
 29 |     void* userdata; //user data
 30 |     ListInfo nodes; //graph nodes (BridgeCFNodeList)
 31 | } BridgeCFGraphList;
 32 | 
 33 | #ifdef __cplusplus
 34 | #if _MSC_VER >= 1700 && !defined(NO_CPP11)
 35 | 
 36 | #include <unordered_map>
 37 | #include <unordered_set>
 38 | #include <vector>
 39 | #include <utility>
 40 | 
 41 | struct BridgeCFNode
 42 | {
 43 |     duint parentGraph = 0; //function of which this node is a part
 44 |     duint start = 0; //va of the first instruction in the block
 45 |     duint end = 0; //va of the last instruction in the block (inclusive)
 46 |     duint brtrue = 0; //destination if condition is true
 47 |     duint brfalse = 0; //destination if condition is false
 48 |     duint icount = 0; //number of instructions in node
 49 |     bool terminal = false; //node is a RET
 50 |     bool split = false; //node is a split (brtrue points to the next node)
 51 |     bool indirectcall = false; //node contains indirect calls (call reg, call [reg+X])
 52 |     void* userdata = nullptr; //user data
 53 |     std::vector<duint> exits; //exits (including brtrue and brfalse)
 54 |     std::vector<BridgeCFInstruction> instrs; //block instructions
 55 | 
 56 |     static void Free(const BridgeCFNodeList* nodeList)
 57 |     {
 58 |         if(!BridgeList<duint>::Free(&nodeList->exits))
 59 |             __debugbreak();
 60 |         if(!BridgeList<BridgeCFInstruction>::Free(&nodeList->instrs))
 61 |             __debugbreak();
 62 |     }
 63 | 
 64 |     BridgeCFNode() = default;
 65 | 
 66 |     BridgeCFNode(const BridgeCFNodeList* nodeList, bool freedata)
 67 |     {
 68 |         if(!nodeList)
 69 |             __debugbreak();
 70 |         parentGraph = nodeList->parentGraph;
 71 |         start = nodeList->start;
 72 |         end = nodeList->end;
 73 |         brtrue = nodeList->brtrue;
 74 |         brfalse = nodeList->brfalse;
 75 |         icount = nodeList->icount;
 76 |         terminal = nodeList->terminal;
 77 |         indirectcall = nodeList->indirectcall;
 78 |         split = nodeList->split;
 79 |         userdata = nodeList->userdata;
 80 |         if(!BridgeList<duint>::ToVector(&nodeList->exits, exits, freedata))
 81 |             __debugbreak();
 82 |         if(!BridgeList<BridgeCFInstruction>::ToVector(&nodeList->instrs, instrs, freedata))
 83 |             __debugbreak();
 84 |     }
 85 | 
 86 |     BridgeCFNode(duint parentGraph, duint start, duint end)
 87 |         : parentGraph(parentGraph),
 88 |           start(start),
 89 |           end(end)
 90 |     {
 91 |     }
 92 | 
 93 |     BridgeCFNodeList ToNodeList() const
 94 |     {
 95 |         BridgeCFNodeList out;
 96 |         out.parentGraph = parentGraph;
 97 |         out.start = start;
 98 |         out.end = end;
 99 |         out.brtrue = brtrue;
100 |         out.brfalse = brfalse;
101 |         out.icount = icount;
102 |         out.terminal = terminal;
103 |         out.indirectcall = indirectcall;
104 |         out.split = split;
105 |         out.userdata = userdata;
106 |         BridgeList<duint>::CopyData(&out.exits, exits);
107 |         BridgeList<BridgeCFInstruction>::CopyData(&out.instrs, instrs);
108 |         return std::move(out);
109 |     }
110 | };
111 | 
112 | struct BridgeCFGraph
113 | {
114 |     duint entryPoint; //graph entry point
115 |     void* userdata; //user data
116 |     std::unordered_map<duint, BridgeCFNode> nodes; //CFNode.start -> CFNode
117 |     std::unordered_map<duint, std::unordered_set<duint>> parents; //CFNode.start -> parents
118 | 
119 |     static void Free(const BridgeCFGraphList* graphList)
120 |     {
121 |         if(!graphList || graphList->nodes.size != graphList->nodes.count * sizeof(BridgeCFNodeList))
122 |             __debugbreak();
123 |         auto data = (BridgeCFNodeList*)graphList->nodes.data;
124 |         for(int i = 0; i < graphList->nodes.count; i++)
125 |             BridgeCFNode::Free(&data[i]);
126 |         BridgeFree(data);
127 |     }
128 | 
129 |     explicit BridgeCFGraph(const BridgeCFGraphList* graphList, bool freedata)
130 |     {
131 |         if(!graphList || graphList->nodes.size != graphList->nodes.count * sizeof(BridgeCFNodeList))
132 |             __debugbreak();
133 |         entryPoint = graphList->entryPoint;
134 |         userdata = graphList->userdata;
135 |         auto data = (BridgeCFNodeList*)graphList->nodes.data;
136 |         for(int i = 0; i < graphList->nodes.count; i++)
137 |             AddNode(BridgeCFNode(&data[i], freedata));
138 |         if(freedata && data)
139 |             BridgeFree(data);
140 |     }
141 | 
142 |     explicit BridgeCFGraph(duint entryPoint)
143 |         : entryPoint(entryPoint),
144 |           userdata(nullptr)
145 |     {
146 |     }
147 | 
148 |     void AddNode(const BridgeCFNode & node)
149 |     {
150 |         nodes[node.start] = node;
151 |         AddParent(node.start, node.brtrue);
152 |         AddParent(node.start, node.brfalse);
153 |     }
154 | 
155 |     void AddParent(duint child, duint parent)
156 |     {
157 |         if(!child || !parent)
158 |             return;
159 |         auto found = parents.find(child);
160 |         if(found == parents.end())
161 |         {
162 |             parents[child] = std::unordered_set<duint>();
163 |             parents[child].insert(parent);
164 |         }
165 |         else
166 |             found->second.insert(parent);
167 |     }
168 | 
169 |     BridgeCFGraphList ToGraphList() const
170 |     {
171 |         BridgeCFGraphList out;
172 |         out.entryPoint = entryPoint;
173 |         out.userdata = userdata;
174 |         std::vector<BridgeCFNodeList> nodeList;
175 |         nodeList.reserve(nodes.size());
176 |         for(const auto & nodeIt : nodes)
177 |             nodeList.push_back(nodeIt.second.ToNodeList());
178 |         BridgeList<BridgeCFNodeList>::CopyData(&out.nodes, nodeList);
179 |         return std::move(out);
180 |     }
181 | };
182 | 
183 | #endif //_MSC_VER
184 | #endif //__cplusplus
185 | 
186 | #endif //_GRAPH_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/bridgelist.h:
--------------------------------------------------------------------------------
  1 | #ifndef _LIST_H
  2 | #define _LIST_H
  3 | 
  4 | typedef struct
  5 | {
  6 |     int count; //Number of element in the list.
  7 |     size_t size; //Size of list in bytes (used for type checking).
  8 |     void* data; //Pointer to the list contents. Must be deleted by the caller using BridgeFree (or BridgeList::Free).
  9 | } ListInfo;
 10 | 
 11 | #define ListOf(Type) ListInfo*
 12 | 
 13 | #ifdef __cplusplus
 14 | 
 15 | #include <vector>
 16 | 
 17 | /**
 18 | \brief A list object. This object is NOT thread safe.
 19 | \tparam Type BridgeList contents type.
 20 | */
 21 | template<typename Type>
 22 | class BridgeList
 23 | {
 24 | public:
 25 |     /**
 26 |     \brief BridgeList constructor.
 27 |     \param _freeData (Optional) the free function.
 28 |     */
 29 |     explicit BridgeList()
 30 |     {
 31 |         memset(&_listInfo, 0, sizeof(_listInfo));
 32 |     }
 33 | 
 34 |     /**
 35 |     \brief BridgeList destructor.
 36 |     */
 37 |     ~BridgeList()
 38 |     {
 39 |         Cleanup();
 40 |     }
 41 | 
 42 |     /**
 43 |     \brief Gets the list data.
 44 |     \return Returns ListInfo->data. Can be null if the list was never initialized. Will be destroyed once this object goes out of scope!
 45 |     */
 46 |     Type* Data() const
 47 |     {
 48 |         return reinterpret_cast<Type*>(_listInfo.data);
 49 |     }
 50 | 
 51 |     /**
 52 |     \brief Gets the number of elements in the list. This will crash the program if the data is not consistent with the specified template argument.
 53 |     \return The number of elements in the list.
 54 |     */
 55 |     int Count() const
 56 |     {
 57 |         if(_listInfo.size != _listInfo.count * sizeof(Type)) //make sure the user is using the correct type.
 58 |             __debugbreak();
 59 |         return _listInfo.count;
 60 |     }
 61 | 
 62 |     /**
 63 |     \brief Cleans up the list, freeing the list data when it is not null.
 64 |     */
 65 |     void Cleanup()
 66 |     {
 67 |         if(_listInfo.data)
 68 |         {
 69 |             BridgeFree(_listInfo.data);
 70 |             _listInfo.data = nullptr;
 71 |         }
 72 |     }
 73 | 
 74 |     /**
 75 |     \brief Reference operator (cleans up the previous list)
 76 |     \return Pointer to the ListInfo.
 77 |     */
 78 |     ListInfo* operator&()
 79 |     {
 80 |         Cleanup();
 81 |         return &_listInfo;
 82 |     }
 83 | 
 84 |     /**
 85 |     \brief Array indexer operator. This will crash if you try to access out-of-bounds.
 86 |     \param index Zero-based index of the item you want to get.
 87 |     \return Reference to a value at that index.
 88 |     */
 89 |     Type & operator[](size_t index) const
 90 |     {
 91 |         if(index >= size_t(Count())) //make sure the out-of-bounds access is caught as soon as possible.
 92 |             __debugbreak();
 93 |         return Data()[index];
 94 |     }
 95 | 
 96 |     /**
 97 |     \brief Copies data to a ListInfo structure..
 98 |     \param [out] listInfo If non-null, information describing the list.
 99 |     \param listData Data to copy in the ListInfo structure.
100 |     \return true if it succeeds, false if it fails.
101 |     */
102 |     static bool CopyData(ListInfo* listInfo, const std::vector<Type> & listData)
103 |     {
104 |         if(!listInfo)
105 |             return false;
106 |         listInfo->count = int(listData.size());
107 |         listInfo->size = listInfo->count * sizeof(Type);
108 |         if(listInfo->count)
109 |         {
110 |             listInfo->data = BridgeAlloc(listInfo->size);
111 |             Type* curItem = reinterpret_cast<Type*>(listInfo->data);
112 |             for(const auto & item : listData)
113 |             {
114 |                 *curItem = item;
115 |                 ++curItem;
116 |             }
117 |         }
118 |         else
119 |             listInfo->data = nullptr;
120 |         return true;
121 |     }
122 | 
123 |     static bool Free(const ListInfo* listInfo)
124 |     {
125 |         if(!listInfo || listInfo->size != listInfo->count * sizeof(Type) || (listInfo->count && !listInfo->data))
126 |             return false;
127 |         BridgeFree(listInfo->data);
128 |         return true;
129 |     }
130 | 
131 |     static bool ToVector(const ListInfo* listInfo, std::vector<Type> & listData, bool freedata = true)
132 |     {
133 |         if(!listInfo || listInfo->size != listInfo->count * sizeof(Type) || (listInfo->count && !listInfo->data))
134 |             return false;
135 |         listData.resize(listInfo->count);
136 |         for(int i = 0; i < listInfo->count; i++)
137 |             listData[i] = ((Type*)listInfo->data)[i];
138 |         if(freedata && listInfo->data)
139 |             BridgeFree(listInfo->data);
140 |         return true;
141 |     }
142 | 
143 | private:
144 |     ListInfo _listInfo;
145 | };
146 | 
147 | #endif //__cplusplus
148 | 
149 | #endif //_LIST_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/dbghelp/dbghelp_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson.h:
--------------------------------------------------------------------------------
  1 | /*
  2 |  * Copyright (c) 2009-2016 Petri Lehtinen <petri@digip.org>
  3 |  *
  4 |  * Jansson is free software; you can redistribute it and/or modify
  5 |  * it under the terms of the MIT license. See LICENSE for details.
  6 |  */
  7 | 
  8 | #ifndef JANSSON_H
  9 | #define JANSSON_H
 10 | 
 11 | #include <stdio.h>
 12 | #include <stdlib.h>  /* for size_t */
 13 | #include <stdarg.h>
 14 | 
 15 | #include "jansson_config.h"
 16 | 
 17 | #ifdef __cplusplus
 18 | extern "C" {
 19 | #endif
 20 | 
 21 | /* version */
 22 | 
 23 | #define JANSSON_MAJOR_VERSION  2
 24 | #define JANSSON_MINOR_VERSION  9
 25 | #define JANSSON_MICRO_VERSION  0
 26 | 
 27 | /* Micro version is omitted if it's 0 */
 28 | #define JANSSON_VERSION  "2.9"
 29 | 
 30 | /* Version as a 3-byte hex number, e.g. 0x010201 == 1.2.1. Use this
 31 |    for numeric comparisons, e.g. #if JANSSON_VERSION_HEX >= ... */
 32 | #define JANSSON_VERSION_HEX  ((JANSSON_MAJOR_VERSION << 16) |   \
 33 |                               (JANSSON_MINOR_VERSION << 8)  |   \
 34 |                               (JANSSON_MICRO_VERSION << 0))
 35 | 
 36 | 
 37 | /* types */
 38 | 
 39 | typedef enum
 40 | {
 41 |     JSON_OBJECT,
 42 |     JSON_ARRAY,
 43 |     JSON_STRING,
 44 |     JSON_INTEGER,
 45 |     JSON_REAL,
 46 |     JSON_TRUE,
 47 |     JSON_FALSE,
 48 |     JSON_NULL
 49 | } json_type;
 50 | 
 51 | typedef struct json_t
 52 | {
 53 |     json_type type;
 54 |     size_t refcount;
 55 | } json_t;
 56 | 
 57 | #ifndef JANSSON_USING_CMAKE /* disabled if using cmake */
 58 | #if JSON_INTEGER_IS_LONG_LONG
 59 | #ifdef _WIN32
 60 | #define JSON_INTEGER_FORMAT "I64d"
 61 | #else
 62 | #define JSON_INTEGER_FORMAT "lld"
 63 | #endif
 64 | typedef long long json_int_t;
 65 | #else
 66 | #define JSON_INTEGER_FORMAT "ld"
 67 | typedef long json_int_t;
 68 | #endif /* JSON_INTEGER_IS_LONG_LONG */
 69 | #endif
 70 | 
 71 | #define json_typeof(json)      ((json)->type)
 72 | #define json_is_object(json)   ((json) && json_typeof(json) == JSON_OBJECT)
 73 | #define json_is_array(json)    ((json) && json_typeof(json) == JSON_ARRAY)
 74 | #define json_is_string(json)   ((json) && json_typeof(json) == JSON_STRING)
 75 | #define json_is_integer(json)  ((json) && json_typeof(json) == JSON_INTEGER)
 76 | #define json_is_real(json)     ((json) && json_typeof(json) == JSON_REAL)
 77 | #define json_is_number(json)   (json_is_integer(json) || json_is_real(json))
 78 | #define json_is_true(json)     ((json) && json_typeof(json) == JSON_TRUE)
 79 | #define json_is_false(json)    ((json) && json_typeof(json) == JSON_FALSE)
 80 | #define json_boolean_value     json_is_true
 81 | #define json_is_boolean(json)  (json_is_true(json) || json_is_false(json))
 82 | #define json_is_null(json)     ((json) && json_typeof(json) == JSON_NULL)
 83 | 
 84 | /* construction, destruction, reference counting */
 85 | 
 86 | __declspec(dllimport) json_t* json_object(void);
 87 | __declspec(dllimport) json_t* json_array(void);
 88 | __declspec(dllimport) json_t* json_string(const char* value);
 89 | __declspec(dllimport) json_t* json_stringn(const char* value, size_t len);
 90 | __declspec(dllimport) json_t* json_string_nocheck(const char* value);
 91 | __declspec(dllimport) json_t* json_stringn_nocheck(const char* value, size_t len);
 92 | __declspec(dllimport) json_t* json_integer(json_int_t value);
 93 | __declspec(dllimport) json_t* json_real(double value);
 94 | __declspec(dllimport) json_t* json_true(void);
 95 | __declspec(dllimport) json_t* json_false(void);
 96 | #define json_boolean(val)      ((val) ? json_true() : json_false())
 97 | __declspec(dllimport) json_t* json_null(void);
 98 | 
 99 | static JSON_INLINE
100 | json_t* json_incref(json_t* json)
101 | {
102 |     if(json && json->refcount != (size_t) - 1)
103 |         ++json->refcount;
104 |     return json;
105 | }
106 | 
107 | /* do not call json_delete directly */
108 | __declspec(dllimport) void json_delete(json_t* json);
109 | 
110 | static JSON_INLINE
111 | void json_decref(json_t* json)
112 | {
113 |     if(json && json->refcount != (size_t) - 1 && --json->refcount == 0)
114 |         json_delete(json);
115 | }
116 | 
117 | #if defined(__GNUC__) || defined(__clang__)
118 | static JSON_INLINE
119 | void json_decrefp(json_t** json)
120 | {
121 |     if(json)
122 |     {
123 |         json_decref(*json);
124 |         *json = NULL;
125 |     }
126 | }
127 | 
128 | #define json_auto_t json_t __attribute__((cleanup(json_decrefp)))
129 | #endif
130 | 
131 | 
132 | /* error reporting */
133 | 
134 | #define JSON_ERROR_TEXT_LENGTH    160
135 | #define JSON_ERROR_SOURCE_LENGTH   80
136 | 
137 | typedef struct
138 | {
139 |     int line;
140 |     int column;
141 |     int position;
142 |     char source[JSON_ERROR_SOURCE_LENGTH];
143 |     char text[JSON_ERROR_TEXT_LENGTH];
144 | } json_error_t;
145 | 
146 | 
147 | /* getters, setters, manipulation */
148 | 
149 | __declspec(dllimport) void json_object_seed(size_t seed);
150 | __declspec(dllimport) size_t json_object_size(const json_t* object);
151 | __declspec(dllimport) json_t* json_object_get(const json_t* object, const char* key);
152 | __declspec(dllimport) int json_object_set_new(json_t* object, const char* key, json_t* value);
153 | __declspec(dllimport) int json_object_set_new_nocheck(json_t* object, const char* key, json_t* value);
154 | __declspec(dllimport) int json_object_del(json_t* object, const char* key);
155 | __declspec(dllimport) int json_object_clear(json_t* object);
156 | __declspec(dllimport) int json_object_update(json_t* object, json_t* other);
157 | __declspec(dllimport) int json_object_update_existing(json_t* object, json_t* other);
158 | __declspec(dllimport) int json_object_update_missing(json_t* object, json_t* other);
159 | __declspec(dllimport) void* json_object_iter(json_t* object);
160 | __declspec(dllimport) void* json_object_iter_at(json_t* object, const char* key);
161 | __declspec(dllimport) void* json_object_key_to_iter(const char* key);
162 | __declspec(dllimport) void* json_object_iter_next(json_t* object, void* iter);
163 | __declspec(dllimport) const char* json_object_iter_key(void* iter);
164 | __declspec(dllimport) json_t* json_object_iter_value(void* iter);
165 | __declspec(dllimport) int json_object_iter_set_new(json_t* object, void* iter, json_t* value);
166 | 
167 | #define json_object_foreach(object, key, value) \
168 |     for(key = json_object_iter_key(json_object_iter(object)); \
169 |         key && (value = json_object_iter_value(json_object_key_to_iter(key))); \
170 |         key = json_object_iter_key(json_object_iter_next(object, json_object_key_to_iter(key))))
171 | 
172 | #define json_object_foreach_safe(object, n, key, value)     \
173 |     for(key = json_object_iter_key(json_object_iter(object)), \
174 |             n = json_object_iter_next(object, json_object_key_to_iter(key)); \
175 |         key && (value = json_object_iter_value(json_object_key_to_iter(key))); \
176 |         key = json_object_iter_key(n), \
177 |             n = json_object_iter_next(object, json_object_key_to_iter(key)))
178 | 
179 | #define json_array_foreach(array, index, value) \
180 |     for(index = 0; \
181 |         index < json_array_size(array) && (value = json_array_get(array, index)); \
182 |         index++)
183 | 
184 | static JSON_INLINE
185 | int json_object_set(json_t* object, const char* key, json_t* value)
186 | {
187 |     return json_object_set_new(object, key, json_incref(value));
188 | }
189 | 
190 | static JSON_INLINE
191 | int json_object_set_nocheck(json_t* object, const char* key, json_t* value)
192 | {
193 |     return json_object_set_new_nocheck(object, key, json_incref(value));
194 | }
195 | 
196 | static JSON_INLINE
197 | int json_object_iter_set(json_t* object, void* iter, json_t* value)
198 | {
199 |     return json_object_iter_set_new(object, iter, json_incref(value));
200 | }
201 | 
202 | __declspec(dllimport) size_t json_array_size(const json_t* array);
203 | __declspec(dllimport) json_t* json_array_get(const json_t* array, size_t index);
204 | __declspec(dllimport) int json_array_set_new(json_t* array, size_t index, json_t* value);
205 | __declspec(dllimport) int json_array_append_new(json_t* array, json_t* value);
206 | __declspec(dllimport) int json_array_insert_new(json_t* array, size_t index, json_t* value);
207 | __declspec(dllimport) int json_array_remove(json_t* array, size_t index);
208 | __declspec(dllimport) int json_array_clear(json_t* array);
209 | __declspec(dllimport) int json_array_extend(json_t* array, json_t* other);
210 | 
211 | static JSON_INLINE
212 | int json_array_set(json_t* array, size_t ind, json_t* value)
213 | {
214 |     return json_array_set_new(array, ind, json_incref(value));
215 | }
216 | 
217 | static JSON_INLINE
218 | int json_array_append(json_t* array, json_t* value)
219 | {
220 |     return json_array_append_new(array, json_incref(value));
221 | }
222 | 
223 | static JSON_INLINE
224 | int json_array_insert(json_t* array, size_t ind, json_t* value)
225 | {
226 |     return json_array_insert_new(array, ind, json_incref(value));
227 | }
228 | 
229 | __declspec(dllimport) const char* json_string_value(const json_t* string);
230 | __declspec(dllimport) size_t json_string_length(const json_t* string);
231 | __declspec(dllimport) json_int_t json_integer_value(const json_t* integer);
232 | __declspec(dllimport) double json_real_value(const json_t* real);
233 | __declspec(dllimport) double json_number_value(const json_t* json);
234 | 
235 | __declspec(dllimport) int json_string_set(json_t* string, const char* value);
236 | __declspec(dllimport) int json_string_setn(json_t* string, const char* value, size_t len);
237 | __declspec(dllimport) int json_string_set_nocheck(json_t* string, const char* value);
238 | __declspec(dllimport) int json_string_setn_nocheck(json_t* string, const char* value, size_t len);
239 | __declspec(dllimport) int json_integer_set(json_t* integer, json_int_t value);
240 | __declspec(dllimport) int json_real_set(json_t* real, double value);
241 | 
242 | /* pack, unpack */
243 | 
244 | __declspec(dllimport) json_t* json_pack(const char* fmt, ...);
245 | __declspec(dllimport) json_t* json_pack_ex(json_error_t* error, size_t flags, const char* fmt, ...);
246 | __declspec(dllimport) json_t* json_vpack_ex(json_error_t* error, size_t flags, const char* fmt, va_list ap);
247 | 
248 | #define JSON_VALIDATE_ONLY  0x1
249 | #define JSON_STRICT         0x2
250 | 
251 | __declspec(dllimport) int json_unpack(json_t* root, const char* fmt, ...);
252 | __declspec(dllimport) int json_unpack_ex(json_t* root, json_error_t* error, size_t flags, const char* fmt, ...);
253 | __declspec(dllimport) int json_vunpack_ex(json_t* root, json_error_t* error, size_t flags, const char* fmt, va_list ap);
254 | 
255 | 
256 | /* equality */
257 | 
258 | __declspec(dllimport) int json_equal(json_t* value1, json_t* value2);
259 | 
260 | 
261 | /* copying */
262 | 
263 | __declspec(dllimport) json_t* json_copy(json_t* value);
264 | __declspec(dllimport) json_t* json_deep_copy(const json_t* value);
265 | 
266 | 
267 | /* decoding */
268 | 
269 | #define JSON_REJECT_DUPLICATES  0x1
270 | #define JSON_DISABLE_EOF_CHECK  0x2
271 | #define JSON_DECODE_ANY         0x4
272 | #define JSON_DECODE_INT_AS_REAL 0x8
273 | #define JSON_ALLOW_NUL          0x10
274 | 
275 | typedef size_t (*json_load_callback_t)(void* buffer, size_t buflen, void* data);
276 | 
277 | __declspec(dllimport) json_t* json_loads(const char* input, size_t flags, json_error_t* error);
278 | __declspec(dllimport) json_t* json_loadb(const char* buffer, size_t buflen, size_t flags, json_error_t* error);
279 | __declspec(dllimport) json_t* json_loadf(FILE* input, size_t flags, json_error_t* error);
280 | __declspec(dllimport) json_t* json_load_file(const char* path, size_t flags, json_error_t* error);
281 | __declspec(dllimport) json_t* json_load_callback(json_load_callback_t callback, void* data, size_t flags, json_error_t* error);
282 | 
283 | 
284 | /* encoding */
285 | 
286 | #define JSON_MAX_INDENT         0x1F
287 | #define JSON_INDENT(n)          ((n) & JSON_MAX_INDENT)
288 | #define JSON_COMPACT            0x20
289 | #define JSON_ENSURE_ASCII       0x40
290 | #define JSON_SORT_KEYS          0x80
291 | #define JSON_PRESERVE_ORDER     0x100
292 | #define JSON_ENCODE_ANY         0x200
293 | #define JSON_ESCAPE_SLASH       0x400
294 | #define JSON_REAL_PRECISION(n)  (((n) & 0x1F) << 11)
295 | 
296 | typedef int (*json_dump_callback_t)(const char* buffer, size_t size, void* data);
297 | 
298 | __declspec(dllimport) char* json_dumps(const json_t* json, size_t flags);
299 | __declspec(dllimport) int json_dumpf(const json_t* json, FILE* output, size_t flags);
300 | __declspec(dllimport) int json_dump_file(const json_t* json, const char* path, size_t flags);
301 | __declspec(dllimport) int json_dump_callback(const json_t* json, json_dump_callback_t callback, void* data, size_t flags);
302 | 
303 | /* custom memory allocation */
304 | 
305 | typedef void* (*json_malloc_t)(size_t);
306 | typedef void (*json_free_t)(void*);
307 | 
308 | __declspec(dllimport) void json_set_alloc_funcs(json_malloc_t malloc_fn, json_free_t free_fn);
309 | __declspec(dllimport) void json_get_alloc_funcs(json_malloc_t* malloc_fn, json_free_t* free_fn);
310 | 
311 | #ifdef __cplusplus
312 | }
313 | #endif
314 | 
315 | #endif
316 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_config.h:
--------------------------------------------------------------------------------
 1 | /*
 2 |  * Copyright (c) 2010-2016 Petri Lehtinen <petri@digip.org>
 3 |  *
 4 |  * Jansson is free software; you can redistribute it and/or modify
 5 |  * it under the terms of the MIT license. See LICENSE for details.
 6 |  *
 7 |  *
 8 |  * This file specifies a part of the site-specific configuration for
 9 |  * Jansson, namely those things that affect the public API in
10 |  * jansson.h.
11 |  *
12 |  * The CMake system will generate the jansson_config.h file and
13 |  * copy it to the build and install directories.
14 |  */
15 | 
16 | #ifndef JANSSON_CONFIG_H
17 | #define JANSSON_CONFIG_H
18 | 
19 | /* Define this so that we can disable scattered automake configuration in source files */
20 | #ifndef JANSSON_USING_CMAKE
21 | #define JANSSON_USING_CMAKE
22 | #endif
23 | 
24 | /* Note: when using cmake, JSON_INTEGER_IS_LONG_LONG is not defined nor used,
25 |  * as we will also check for __int64 etc types.
26 |  * (the definition was used in the automake system) */
27 | 
28 | /* Bring in the cmake-detected defines */
29 | #define HAVE_STDINT_H 1
30 | /* #undef HAVE_INTTYPES_H */
31 | /* #undef HAVE_SYS_TYPES_H */
32 | 
33 | /* Include our standard type header for the integer typedef */
34 | 
35 | #if defined(HAVE_STDINT_H)
36 | #  include <stdint.h>
37 | #elif defined(HAVE_INTTYPES_H)
38 | #  include <inttypes.h>
39 | #elif defined(HAVE_SYS_TYPES_H)
40 | #  include <sys/types.h>
41 | #endif
42 | 
43 | 
44 | /* If your compiler supports the inline keyword in C, JSON_INLINE is
45 |    defined to `inline', otherwise empty. In C++, the inline is always
46 |    supported. */
47 | #ifdef __cplusplus
48 | #define JSON_INLINE inline
49 | #else
50 | #define JSON_INLINE __inline
51 | #endif
52 | 
53 | 
54 | #define json_int_t long long
55 | #define json_strtoint strtoll
56 | #define JSON_INTEGER_FORMAT "I64d"
57 | 
58 | 
59 | /* If locale.h and localeconv() are available, define to 1, otherwise to 0. */
60 | #define JSON_HAVE_LOCALECONV 1
61 | 
62 | 
63 | /* Maximum recursion depth for parsing JSON input.
64 |    This limits the depth of e.g. array-within-array constructions. */
65 | #define JSON_PARSER_MAX_DEPTH 2048
66 | 
67 | 
68 | #endif
69 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x64dbg.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #include "jansson.h"
 4 | 
 5 | typedef json_t* JSON;
 6 | 
 7 | static JSON_INLINE
 8 | json_t* json_hex(unsigned json_int_t value)
 9 | {
10 |     char hexvalue[20];
11 |     sprintf_s(hexvalue, "0x%llX", value);
12 |     return json_string(hexvalue);
13 | }
14 | 
15 | static JSON_INLINE
16 | unsigned json_int_t json_hex_value(const json_t* hex)
17 | {
18 |     unsigned json_int_t ret = 0;
19 |     const char* hexvalue;
20 |     hexvalue = json_string_value(hex);
21 |     if(!hexvalue)
22 |         return 0;
23 |     sscanf_s(hexvalue, "0x%llX", &ret);
24 |     return ret;
25 | }
26 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/jansson/jansson_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x64.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x64.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x64.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x64.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x86.a:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x86.a


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x86.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4_x86.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4file.h:
--------------------------------------------------------------------------------
 1 | #ifndef _LZ4FILE_H
 2 | #define _LZ4FILE_H
 3 | 
 4 | typedef enum _LZ4_STATUS
 5 | {
 6 |     LZ4_SUCCESS,
 7 |     LZ4_FAILED_OPEN_INPUT,
 8 |     LZ4_FAILED_OPEN_OUTPUT,
 9 |     LZ4_NOT_ENOUGH_MEMORY,
10 |     LZ4_INVALID_ARCHIVE,
11 |     LZ4_CORRUPTED_ARCHIVE
12 | } LZ4_STATUS;
13 | 
14 | #if defined (__cplusplus)
15 | extern "C"
16 | {
17 | #endif
18 | 
19 | __declspec(dllimport) LZ4_STATUS LZ4_compress_file(const char* input_filename, const char* output_filename);
20 | __declspec(dllimport) LZ4_STATUS LZ4_compress_fileW(const wchar_t* input_filename, const wchar_t* output_filename);
21 | __declspec(dllimport) LZ4_STATUS LZ4_decompress_file(const char* input_filename, const char* output_filename);
22 | __declspec(dllimport) LZ4_STATUS LZ4_decompress_fileW(const wchar_t* input_filename, const wchar_t* output_filename);
23 | 
24 | #if defined (__cplusplus)
25 | }
26 | #endif
27 | 
28 | #endif //_LZ4FILE_H


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/lz4/lz4hc.h:
--------------------------------------------------------------------------------
  1 | /*
  2 |    LZ4 HC - High Compression Mode of LZ4
  3 |    Header File
  4 |    Copyright (C) 2011-2014, Yann Collet.
  5 |    BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
  6 | 
  7 |    Redistribution and use in source and binary forms, with or without
  8 |    modification, are permitted provided that the following conditions are
  9 |    met:
 10 | 
 11 |        * Redistributions of source code must retain the above copyright
 12 |    notice, this list of conditions and the following disclaimer.
 13 |        * Redistributions in binary form must reproduce the above
 14 |    copyright notice, this list of conditions and the following disclaimer
 15 |    in the documentation and/or other materials provided with the
 16 |    distribution.
 17 | 
 18 |    THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 19 |    "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 20 |    LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 21 |    A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 22 |    OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 23 |    SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 24 |    LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 25 |    DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 26 |    THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 27 |    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 28 |    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 29 | 
 30 |    You can contact the author at :
 31 |    - LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
 32 |    - LZ4 source repository : http://code.google.com/p/lz4/
 33 | */
 34 | #ifndef _LZ4HC_H
 35 | #define _LZ4HC_H
 36 | 
 37 | #if defined (__cplusplus)
 38 | extern "C"
 39 | {
 40 | #endif
 41 | 
 42 | 
 43 | __declspec(dllimport) int LZ4_compressHC(const char* source, char* dest, int inputSize);
 44 | /*
 45 | LZ4_compressHC :
 46 |     return : the number of bytes in compressed buffer dest
 47 |              or 0 if compression fails.
 48 |     note : destination buffer must be already allocated.
 49 |         To avoid any problem, size it to handle worst cases situations (input data not compressible)
 50 |         Worst case size evaluation is provided by function LZ4_compressBound() (see "lz4.h")
 51 | */
 52 | 
 53 | __declspec(dllimport) int LZ4_compressHC_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize);
 54 | /*
 55 | LZ4_compress_limitedOutput() :
 56 |     Compress 'inputSize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'.
 57 |     If it cannot achieve it, compression will stop, and result of the function will be zero.
 58 |     This function never writes outside of provided output buffer.
 59 | 
 60 |     inputSize  : Max supported value is 1 GB
 61 |     maxOutputSize : is maximum allowed size into the destination buffer (which must be already allocated)
 62 |     return : the number of output bytes written in buffer 'dest'
 63 |              or 0 if compression fails.
 64 | */
 65 | 
 66 | 
 67 | __declspec(dllimport) int LZ4_compressHC2(const char* source, char* dest, int inputSize, int compressionLevel);
 68 | __declspec(dllimport) int LZ4_compressHC2_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel);
 69 | /*
 70 |     Same functions as above, but with programmable 'compressionLevel'.
 71 |     Recommended values are between 4 and 9, although any value between 0 and 16 will work.
 72 |     'compressionLevel'==0 means use default 'compressionLevel' value.
 73 |     Values above 16 behave the same as 16.
 74 |     Equivalent variants exist for all other compression functions below.
 75 | */
 76 | 
 77 | /* Note :
 78 | Decompression functions are provided within LZ4 source code (see "lz4.h") (BSD license)
 79 | */
 80 | 
 81 | 
 82 | /**************************************
 83 |    Using an external allocation
 84 | **************************************/
 85 | __declspec(dllimport) int LZ4_sizeofStateHC(void);
 86 | __declspec(dllimport) int LZ4_compressHC_withStateHC(void* state, const char* source, char* dest, int inputSize);
 87 | __declspec(dllimport) int LZ4_compressHC_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize);
 88 | 
 89 | __declspec(dllimport) int LZ4_compressHC2_withStateHC(void* state, const char* source, char* dest, int inputSize, int compressionLevel);
 90 | __declspec(dllimport) int LZ4_compressHC2_limitedOutput_withStateHC(void* state, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel);
 91 | 
 92 | /*
 93 | These functions are provided should you prefer to allocate memory for compression tables with your own allocation methods.
 94 | To know how much memory must be allocated for the compression tables, use :
 95 | int LZ4_sizeofStateHC();
 96 | 
 97 | Note that tables must be aligned for pointer (32 or 64 bits), otherwise compression will fail (return code 0).
 98 | 
 99 | The allocated memory can be provided to the compressions functions using 'void* state' parameter.
100 | LZ4_compress_withStateHC() and LZ4_compress_limitedOutput_withStateHC() are equivalent to previously described functions.
101 | They just use the externally allocated memory area instead of allocating their own (on stack, or on heap).
102 | */
103 | 
104 | 
105 | /**************************************
106 |    Streaming Functions
107 | **************************************/
108 | __declspec(dllimport) void* LZ4_createHC(const char* inputBuffer);
109 | __declspec(dllimport) int   LZ4_compressHC_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize);
110 | __declspec(dllimport) int   LZ4_compressHC_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize);
111 | __declspec(dllimport) char* LZ4_slideInputBufferHC(void* LZ4HC_Data);
112 | __declspec(dllimport) int   LZ4_freeHC(void* LZ4HC_Data);
113 | 
114 | __declspec(dllimport) int   LZ4_compressHC2_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int compressionLevel);
115 | __declspec(dllimport) int   LZ4_compressHC2_limitedOutput_continue(void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize, int compressionLevel);
116 | 
117 | /*
118 | These functions allow the compression of dependent blocks, where each block benefits from prior 64 KB within preceding blocks.
119 | In order to achieve this, it is necessary to start creating the LZ4HC Data Structure, thanks to the function :
120 | 
121 | void* LZ4_createHC (const char* inputBuffer);
122 | The result of the function is the (void*) pointer on the LZ4HC Data Structure.
123 | This pointer will be needed in all other functions.
124 | If the pointer returned is NULL, then the allocation has failed, and compression must be aborted.
125 | The only parameter 'const char* inputBuffer' must, obviously, point at the beginning of input buffer.
126 | The input buffer must be already allocated, and size at least 192KB.
127 | 'inputBuffer' will also be the 'const char* source' of the first block.
128 | 
129 | All blocks are expected to lay next to each other within the input buffer, starting from 'inputBuffer'.
130 | To compress each block, use either LZ4_compressHC_continue() or LZ4_compressHC_limitedOutput_continue().
131 | Their behavior are identical to LZ4_compressHC() or LZ4_compressHC_limitedOutput(),
132 | but require the LZ4HC Data Structure as their first argument, and check that each block starts right after the previous one.
133 | If next block does not begin immediately after the previous one, the compression will fail (return 0).
134 | 
135 | When it's no longer possible to lay the next block after the previous one (not enough space left into input buffer), a call to :
136 | char* LZ4_slideInputBufferHC(void* LZ4HC_Data);
137 | must be performed. It will typically copy the latest 64KB of input at the beginning of input buffer.
138 | Note that, for this function to work properly, minimum size of an input buffer must be 192KB.
139 | ==> The memory position where the next input data block must start is provided as the result of the function.
140 | 
141 | Compression can then resume, using LZ4_compressHC_continue() or LZ4_compressHC_limitedOutput_continue(), as usual.
142 | 
143 | When compression is completed, a call to LZ4_freeHC() will release the memory used by the LZ4HC Data Structure.
144 | */
145 | 
146 | __declspec(dllimport) int LZ4_sizeofStreamStateHC(void);
147 | __declspec(dllimport) int LZ4_resetStreamStateHC(void* state, const char* inputBuffer);
148 | 
149 | /*
150 | These functions achieve the same result as :
151 | void* LZ4_createHC (const char* inputBuffer);
152 | 
153 | They are provided here to allow the user program to allocate memory using its own routines.
154 | 
155 | To know how much space must be allocated, use LZ4_sizeofStreamStateHC();
156 | Note also that space must be aligned for pointers (32 or 64 bits).
157 | 
158 | Once space is allocated, you must initialize it using : LZ4_resetStreamStateHC(void* state, const char* inputBuffer);
159 | void* state is a pointer to the space allocated.
160 | It must be aligned for pointers (32 or 64 bits), and be large enough.
161 | The parameter 'const char* inputBuffer' must, obviously, point at the beginning of input buffer.
162 | The input buffer must be already allocated, and size at least 192KB.
163 | 'inputBuffer' will also be the 'const char* source' of the first block.
164 | 
165 | The same space can be re-used multiple times, just by initializing it each time with LZ4_resetStreamState().
166 | return value of LZ4_resetStreamStateHC() must be 0 is OK.
167 | Any other value means there was an error (typically, state is not aligned for pointers (32 or 64 bits)).
168 | */
169 | 
170 | 
171 | #if defined (__cplusplus)
172 | }
173 | #endif
174 | 
175 | #endif //_LZ4HC_H
176 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/x32bridge.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/x32bridge.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/x32dbg.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/x32dbg.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/x64bridge.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/x64bridge.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pluginsdk/x64dbg.lib:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pluginsdk/x64dbg.lib


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/pulgin.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/pulgin.cpp


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/res/Thread.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/res/Thread.png


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/res/trace.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin-wtl/res/trace.png


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/resource.h:
--------------------------------------------------------------------------------
 1 | //{{NO_DEPENDENCIES}}
 2 | // Microsoft Visual C++ generated include file.
 3 | // Used by BranchTrace-x64plugin-wtl.rc
 4 | //
 5 | #define IDB_PNG_THREAD                  101
 6 | #define IDB_PNG_TRACE                   102
 7 | #define IDD_DIALOG_THREAD_TRACE1        105
 8 | #define IDD_DIALOG_THREAD_TRACE         105
 9 | #define IDC_COMBO1                      1002
10 | #define IDC_COMBO_THREAD                1002
11 | #define IDC_BUTTON1                     1003
12 | #define IDC_BUTTON_STARTTRACE           1003
13 | #define IDC_BUTTON2                     1004
14 | #define IDC_BUTTON_RESET                1004
15 | #define IDC_BUTTON3                     1005
16 | #define IDC_BUTTON_PREV                 1005
17 | #define IDC_BUTTON4                     1006
18 | #define IDC_BUTTON_NEXTINTO             1006
19 | #define IDC_BUTTON5                     1007
20 | #define IDC_BUTTON_PREVINTO             1007
21 | #define IDC_SLIDER1                     1008
22 | #define IDC_BUTTON_NEXT                 1008
23 | #define IDC_LIST1                       1013
24 | #define IDC_COMBO_MODULE                1014
25 | #define IDC_BUTTON_PROCSTART            1017
26 | #define IDC_BUTTON_PROCEND              1018
27 | #define IDC_BUTTON_TOEND                1019
28 | #define IDC_BUTTON_PREV_SNIPPET         1030
29 | #define IDC_BUTTON_PREVSNIPPET          1030
30 | #define IDC_BUTTON_NEXTSNIPPET          1031
31 | 
32 | // Next default values for new objects
33 | // 
34 | #ifdef APSTUDIO_INVOKED
35 | #ifndef APSTUDIO_READONLY_SYMBOLS
36 | #define _APS_NEXT_RESOURCE_VALUE        111
37 | #define _APS_NEXT_COMMAND_VALUE         40001
38 | #define _APS_NEXT_CONTROL_VALUE         1014
39 | #define _APS_NEXT_SYMED_VALUE           101
40 | #endif
41 | #endif
42 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin-wtl/stdafx.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #define _ATL_USE_CSTRING
 4 | 
 5 | #include <atlbase.h>
 6 | #include <wtl\atlapp.h>
 7 | extern CAppModule _Module;
 8 | #include <atlwin.h>
 9 | #include <wtl\atlcrack.h>
10 | #include <wtl\atlctrls.h>
11 | #include <wtl\atlmisc.h>
12 | #include <wtl\atlddx.h>
13 | 
14 | 
15 | #include "resource.h"
16 | 
17 | 
18 | class CEditImpl : public CWindowImpl<CEditImpl, CEdit>
19 | {
20 |     BEGIN_MSG_MAP(CEditImpl)
21 |     END_MSG_MAP()
22 | };
23 | 
24 | class CComboBoxImpl : public CWindowImpl<CComboBoxImpl, CComboBox>
25 | {
26 |     BEGIN_MSG_MAP(CComboBoxImpl)
27 |     END_MSG_MAP()
28 | };
29 | 
30 | class CListViewImpl : public CWindowImpl<CListViewImpl, CListViewCtrl>
31 | {
32 |     BEGIN_MSG_MAP(CListViewImpl)
33 |     END_MSG_MAP()
34 | };
35 | 
36 | class CButtonImpl :public CWindowImpl<CButtonImpl, CButton>
37 | {
38 |     BEGIN_MSG_MAP(CButtonImpl)
39 |     END_MSG_MAP()
40 | };
41 | 
42 | class CTrackBarCtrlImpl : public CWindowImpl< CTrackBarCtrlImpl, CTrackBarCtrl> {
43 |     BEGIN_MSG_MAP(CTrackBarCtrlImpl)
44 |     END_MSG_MAP()
45 | };
46 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.aps:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/BranchTrace-x64plugin.aps


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.cpp:
--------------------------------------------------------------------------------
 1 | // BranchTrace-x64plugin.cpp : Defines the initialization routines for the DLL.
 2 | //
 3 | 
 4 | #include "pch.h"
 5 | #include "framework.h"
 6 | #include "BranchTrace-x64plugin.h"
 7 | #include "plugin.h"
 8 | #include "ThreadTraceDialog.h"
 9 | 
10 | #ifdef _DEBUG
11 | #define new DEBUG_NEW
12 | #endif
13 | 
14 | //
15 | //TODO: If this DLL is dynamically linked against the MFC DLLs,
16 | //		any functions exported from this DLL which call into
17 | //		MFC must have the AFX_MANAGE_STATE macro added at the
18 | //		very beginning of the function.
19 | //
20 | //		For example:
21 | //
22 | //		extern "C" BOOL PASCAL EXPORT ExportedFunction()
23 | //		{
24 | //			AFX_MANAGE_STATE(AfxGetStaticModuleState());
25 | //			// normal function body here
26 | //		}
27 | //
28 | //		It is very important that this macro appear in each
29 | //		function, prior to any calls into MFC.  This means that
30 | //		it must appear as the first statement within the
31 | //		function, even before any object variable declarations
32 | //		as their constructors may generate calls into the MFC
33 | //		DLL.
34 | //
35 | //		Please see MFC Technical Notes 33 and 58 for additional
36 | //		details.
37 | //
38 | 
39 | // CBranchTracex64pluginApp
40 | 
41 | BEGIN_MESSAGE_MAP(CBranchTracex64pluginApp, CWinApp)
42 | END_MESSAGE_MAP()
43 | 
44 | 
45 | // CBranchTracex64pluginApp construction
46 | 
47 | CBranchTracex64pluginApp::CBranchTracex64pluginApp()
48 | {
49 | 	// TODO: add construction code here,
50 | 	// Place all significant initialization in InitInstance
51 | }
52 | 
53 | 
54 | // The one and only CBranchTracex64pluginApp object
55 | 
56 | CBranchTracex64pluginApp theApp;
57 | 
58 | 
59 | // CBranchTracex64pluginApp initialization
60 | 
61 | HMODULE g_hModule;
62 | BOOL CBranchTracex64pluginApp::InitInstance()
63 | {
64 | 	CWinApp::InitInstance();
65 | 	g_hModule =this->m_hInstance;
66 | 
67 | 	return TRUE;
68 | }
69 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.h:
--------------------------------------------------------------------------------
 1 | // BranchTrace-x64plugin.h : main header file for the BranchTrace-x64plugin DLL
 2 | //
 3 | 
 4 | #pragma once
 5 | 
 6 | #ifndef __AFXWIN_H__
 7 | 	#error "include 'pch.h' before including this file for PCH"
 8 | #endif
 9 | 
10 | #include "resource.h"		// main symbols
11 | 
12 | 
13 | // CBranchTracex64pluginApp
14 | // See BranchTrace-x64plugin.cpp for the implementation of this class
15 | //
16 | 
17 | class CBranchTracex64pluginApp : public CWinApp
18 | {
19 | public:
20 | 	CBranchTracex64pluginApp();
21 | 
22 | // Overrides
23 | public:
24 | 	virtual BOOL InitInstance();
25 | 
26 | 	DECLARE_MESSAGE_MAP()
27 | };
28 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.rc:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/BranchTrace-x64plugin.rc


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <ProjectGuid>{DB6AC0A0-15F8-46A2-B4F5-27F4181EE447}</ProjectGuid>
 24 |     <Keyword>MFCDLLProj</Keyword>
 25 |     <RootNamespace>BranchTracex64plugin</RootNamespace>
 26 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 27 |     <ProjectName>BranchTrace-x64plugin-mfc</ProjectName>
 28 |   </PropertyGroup>
 29 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 30 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 31 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 32 |     <UseDebugLibraries>true</UseDebugLibraries>
 33 |     <PlatformToolset>v142</PlatformToolset>
 34 |     <CharacterSet>MultiByte</CharacterSet>
 35 |     <UseOfMfc>Dynamic</UseOfMfc>
 36 |   </PropertyGroup>
 37 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 38 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 39 |     <UseDebugLibraries>false</UseDebugLibraries>
 40 |     <PlatformToolset>v142</PlatformToolset>
 41 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 42 |     <CharacterSet>MultiByte</CharacterSet>
 43 |     <UseOfMfc>Dynamic</UseOfMfc>
 44 |   </PropertyGroup>
 45 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 46 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 47 |     <UseDebugLibraries>true</UseDebugLibraries>
 48 |     <PlatformToolset>v142</PlatformToolset>
 49 |     <CharacterSet>MultiByte</CharacterSet>
 50 |     <UseOfMfc>Dynamic</UseOfMfc>
 51 |   </PropertyGroup>
 52 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 53 |     <ConfigurationType>DynamicLibrary</ConfigurationType>
 54 |     <UseDebugLibraries>false</UseDebugLibraries>
 55 |     <PlatformToolset>v142</PlatformToolset>
 56 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 57 |     <CharacterSet>MultiByte</CharacterSet>
 58 |     <UseOfMfc>Dynamic</UseOfMfc>
 59 |   </PropertyGroup>
 60 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 61 |   <ImportGroup Label="ExtensionSettings">
 62 |   </ImportGroup>
 63 |   <ImportGroup Label="Shared">
 64 |   </ImportGroup>
 65 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 66 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 67 |   </ImportGroup>
 68 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 69 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 70 |   </ImportGroup>
 71 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 72 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 73 |   </ImportGroup>
 74 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 75 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 76 |   </ImportGroup>
 77 |   <PropertyGroup Label="UserMacros" />
 78 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 79 |     <LinkIncremental>false</LinkIncremental>
 80 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 81 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 82 |   </PropertyGroup>
 83 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 84 |     <LinkIncremental>true</LinkIncremental>
 85 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 86 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 87 |   </PropertyGroup>
 88 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 89 |     <LinkIncremental>true</LinkIncremental>
 90 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 91 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 92 |   </PropertyGroup>
 93 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 94 |     <LinkIncremental>false</LinkIncremental>
 95 |     <OutDir>..\..\..\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\plugins</OutDir>
 96 |     <TargetExt>.dp$(PlatformArchitecture)</TargetExt>
 97 |   </PropertyGroup>
 98 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 99 |     <ClCompile>
100 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
101 |       <WarningLevel>Level3</WarningLevel>
102 |       <FunctionLevelLinking>true</FunctionLevelLinking>
103 |       <IntrinsicFunctions>true</IntrinsicFunctions>
104 |       <SDLCheck>true</SDLCheck>
105 |       <PreprocessorDefinitions>_WINDOWS;NDEBUG;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
106 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
107 |     </ClCompile>
108 |     <Link>
109 |       <SubSystem>Windows</SubSystem>
110 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
111 |       <OptimizeReferences>true</OptimizeReferences>
112 |       <ModuleDefinitionFile>
113 |       </ModuleDefinitionFile>
114 |     </Link>
115 |     <Midl>
116 |       <MkTypLibCompatible>false</MkTypLibCompatible>
117 |       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
118 |     </Midl>
119 |     <ResourceCompile>
120 |       <Culture>0x0409</Culture>
121 |       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
122 |       <AdditionalIncludeDirectories>$(IntDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
123 |     </ResourceCompile>
124 |   </ItemDefinitionGroup>
125 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
126 |     <ClCompile>
127 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
128 |       <WarningLevel>Level3</WarningLevel>
129 |       <SDLCheck>true</SDLCheck>
130 |       <PreprocessorDefinitions>WIN32;_WINDOWS;_DEBUG;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
131 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
132 |       <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
133 |       <BasicRuntimeChecks>Default</BasicRuntimeChecks>
134 |       <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
135 |     </ClCompile>
136 |     <Link>
137 |       <SubSystem>Windows</SubSystem>
138 |       <ModuleDefinitionFile>
139 |       </ModuleDefinitionFile>
140 |       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
141 |     </Link>
142 |     <Midl>
143 |       <MkTypLibCompatible>false</MkTypLibCompatible>
144 |       <PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
145 |     </Midl>
146 |     <ResourceCompile>
147 |       <Culture>0x0409</Culture>
148 |       <PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
149 |       <AdditionalIncludeDirectories>$(IntDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
150 |     </ResourceCompile>
151 |   </ItemDefinitionGroup>
152 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
153 |     <ClCompile>
154 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
155 |       <WarningLevel>Level3</WarningLevel>
156 |       <SDLCheck>true</SDLCheck>
157 |       <PreprocessorDefinitions>_WINDOWS;_DEBUG;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
158 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
159 |       <RuntimeLibrary>MultiThreadedDebugDLL</RuntimeLibrary>
160 |       <BasicRuntimeChecks>Default</BasicRuntimeChecks>
161 |       <DebugInformationFormat>EditAndContinue</DebugInformationFormat>
162 |     </ClCompile>
163 |     <Link>
164 |       <SubSystem>Windows</SubSystem>
165 |       <ModuleDefinitionFile>
166 |       </ModuleDefinitionFile>
167 |       <ImageHasSafeExceptionHandlers>false</ImageHasSafeExceptionHandlers>
168 |     </Link>
169 |     <Midl>
170 |       <MkTypLibCompatible>false</MkTypLibCompatible>
171 |       <PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
172 |     </Midl>
173 |     <ResourceCompile>
174 |       <Culture>0x0409</Culture>
175 |       <PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
176 |       <AdditionalIncludeDirectories>$(IntDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
177 |     </ResourceCompile>
178 |   </ItemDefinitionGroup>
179 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
180 |     <ClCompile>
181 |       <PrecompiledHeader>NotUsing</PrecompiledHeader>
182 |       <WarningLevel>Level3</WarningLevel>
183 |       <FunctionLevelLinking>true</FunctionLevelLinking>
184 |       <IntrinsicFunctions>true</IntrinsicFunctions>
185 |       <SDLCheck>true</SDLCheck>
186 |       <PreprocessorDefinitions>WIN32;_WINDOWS;NDEBUG;_USRDLL;%(PreprocessorDefinitions)</PreprocessorDefinitions>
187 |       <PrecompiledHeaderFile>pch.h</PrecompiledHeaderFile>
188 |     </ClCompile>
189 |     <Link>
190 |       <SubSystem>Windows</SubSystem>
191 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
192 |       <OptimizeReferences>true</OptimizeReferences>
193 |       <ModuleDefinitionFile>
194 |       </ModuleDefinitionFile>
195 |     </Link>
196 |     <Midl>
197 |       <MkTypLibCompatible>false</MkTypLibCompatible>
198 |       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
199 |     </Midl>
200 |     <ResourceCompile>
201 |       <Culture>0x0409</Culture>
202 |       <PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
203 |       <AdditionalIncludeDirectories>$(IntDir);%(AdditionalIncludeDirectories)</AdditionalIncludeDirectories>
204 |     </ResourceCompile>
205 |   </ItemDefinitionGroup>
206 |   <ItemGroup>
207 |     <ClCompile Include="BranchTrace-x64plugin.cpp" />
208 |     <ClCompile Include="plugin.cpp" />
209 |     <ClCompile Include="ThreadTraceDialog.cpp" />
210 |   </ItemGroup>
211 |   <ItemGroup>
212 |     <None Include="res\BranchTrace-x64plugin.rc2" />
213 |   </ItemGroup>
214 |   <ItemGroup>
215 |     <ClInclude Include="BranchTrace-x64plugin.h" />
216 |     <ClInclude Include="framework.h" />
217 |     <ClInclude Include="pch.h" />
218 |     <ClInclude Include="plugin.h" />
219 |     <ClInclude Include="pluginsdk\bridgegraph.h" />
220 |     <ClInclude Include="pluginsdk\bridgelist.h" />
221 |     <ClInclude Include="pluginsdk\bridgemain.h" />
222 |     <ClInclude Include="pluginsdk\_dbgfunctions.h" />
223 |     <ClInclude Include="pluginsdk\_plugins.h" />
224 |     <ClInclude Include="pluginsdk\_plugin_types.h" />
225 |     <ClInclude Include="pluginsdk\_scriptapi.h" />
226 |     <ClInclude Include="pluginsdk\_scriptapi_argument.h" />
227 |     <ClInclude Include="pluginsdk\_scriptapi_assembler.h" />
228 |     <ClInclude Include="pluginsdk\_scriptapi_bookmark.h" />
229 |     <ClInclude Include="pluginsdk\_scriptapi_comment.h" />
230 |     <ClInclude Include="pluginsdk\_scriptapi_debug.h" />
231 |     <ClInclude Include="pluginsdk\_scriptapi_flag.h" />
232 |     <ClInclude Include="pluginsdk\_scriptapi_function.h" />
233 |     <ClInclude Include="pluginsdk\_scriptapi_gui.h" />
234 |     <ClInclude Include="pluginsdk\_scriptapi_label.h" />
235 |     <ClInclude Include="pluginsdk\_scriptapi_memory.h" />
236 |     <ClInclude Include="pluginsdk\_scriptapi_misc.h" />
237 |     <ClInclude Include="pluginsdk\_scriptapi_module.h" />
238 |     <ClInclude Include="pluginsdk\_scriptapi_pattern.h" />
239 |     <ClInclude Include="pluginsdk\_scriptapi_register.h" />
240 |     <ClInclude Include="pluginsdk\_scriptapi_stack.h" />
241 |     <ClInclude Include="pluginsdk\_scriptapi_symbol.h" />
242 |     <ClInclude Include="plugin_global.h" />
243 |     <ClInclude Include="Resource.h" />
244 |     <ClInclude Include="targetver.h" />
245 |     <ClInclude Include="ThreadTraceDialog.h" />
246 |   </ItemGroup>
247 |   <ItemGroup>
248 |     <ResourceCompile Include="BranchTrace-x64plugin.rc" />
249 |   </ItemGroup>
250 |   <ItemGroup>
251 |     <Library Include="pluginsdk\x32bridge.lib" />
252 |     <Library Include="pluginsdk\x32dbg.lib" />
253 |     <Library Include="pluginsdk\x64bridge.lib" />
254 |     <Library Include="pluginsdk\x64dbg.lib" />
255 |   </ItemGroup>
256 |   <ItemGroup>
257 |     <Image Include="res\Thread.png" />
258 |     <Image Include="res\trace.png" />
259 |   </ItemGroup>
260 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
261 |   <ImportGroup Label="ExtensionTargets">
262 |   </ImportGroup>
263 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.vcxproj.filters:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup>
  4 |     <Filter Include="Source Files">
  5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
  6 |       <Extensions>cpp;c;cc;cxx;c++;def;odl;idl;hpj;bat;asm;asmx</Extensions>
  7 |     </Filter>
  8 |     <Filter Include="Header Files">
  9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
 10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
 11 |     </Filter>
 12 |     <Filter Include="Resource Files">
 13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
 14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
 15 |     </Filter>
 16 |     <Filter Include="mfc">
 17 |       <UniqueIdentifier>{5c791c3b-b861-42ea-b0ec-3ab5ca302fe4}</UniqueIdentifier>
 18 |     </Filter>
 19 |     <Filter Include="Source Files\pluginsdk">
 20 |       <UniqueIdentifier>{c829ae2a-30e2-4106-be41-66a306087b66}</UniqueIdentifier>
 21 |     </Filter>
 22 |   </ItemGroup>
 23 |   <ItemGroup>
 24 |     <None Include="res\BranchTrace-x64plugin.rc2">
 25 |       <Filter>Resource Files</Filter>
 26 |     </None>
 27 |   </ItemGroup>
 28 |   <ItemGroup>
 29 |     <ClInclude Include="Resource.h">
 30 |       <Filter>Resource Files</Filter>
 31 |     </ClInclude>
 32 |     <ClInclude Include="targetver.h">
 33 |       <Filter>mfc</Filter>
 34 |     </ClInclude>
 35 |     <ClInclude Include="pch.h">
 36 |       <Filter>mfc</Filter>
 37 |     </ClInclude>
 38 |     <ClInclude Include="framework.h">
 39 |       <Filter>mfc</Filter>
 40 |     </ClInclude>
 41 |     <ClInclude Include="BranchTrace-x64plugin.h">
 42 |       <Filter>mfc</Filter>
 43 |     </ClInclude>
 44 |     <ClInclude Include="plugin.h">
 45 |       <Filter>Source Files</Filter>
 46 |     </ClInclude>
 47 |     <ClInclude Include="pluginsdk\_dbgfunctions.h">
 48 |       <Filter>Source Files\pluginsdk</Filter>
 49 |     </ClInclude>
 50 |     <ClInclude Include="pluginsdk\_plugin_types.h">
 51 |       <Filter>Source Files\pluginsdk</Filter>
 52 |     </ClInclude>
 53 |     <ClInclude Include="pluginsdk\_plugins.h">
 54 |       <Filter>Source Files\pluginsdk</Filter>
 55 |     </ClInclude>
 56 |     <ClInclude Include="pluginsdk\_scriptapi.h">
 57 |       <Filter>Source Files\pluginsdk</Filter>
 58 |     </ClInclude>
 59 |     <ClInclude Include="pluginsdk\_scriptapi_argument.h">
 60 |       <Filter>Source Files\pluginsdk</Filter>
 61 |     </ClInclude>
 62 |     <ClInclude Include="pluginsdk\_scriptapi_assembler.h">
 63 |       <Filter>Source Files\pluginsdk</Filter>
 64 |     </ClInclude>
 65 |     <ClInclude Include="pluginsdk\_scriptapi_bookmark.h">
 66 |       <Filter>Source Files\pluginsdk</Filter>
 67 |     </ClInclude>
 68 |     <ClInclude Include="pluginsdk\_scriptapi_comment.h">
 69 |       <Filter>Source Files\pluginsdk</Filter>
 70 |     </ClInclude>
 71 |     <ClInclude Include="pluginsdk\_scriptapi_debug.h">
 72 |       <Filter>Source Files\pluginsdk</Filter>
 73 |     </ClInclude>
 74 |     <ClInclude Include="pluginsdk\_scriptapi_flag.h">
 75 |       <Filter>Source Files\pluginsdk</Filter>
 76 |     </ClInclude>
 77 |     <ClInclude Include="pluginsdk\_scriptapi_function.h">
 78 |       <Filter>Source Files\pluginsdk</Filter>
 79 |     </ClInclude>
 80 |     <ClInclude Include="pluginsdk\_scriptapi_gui.h">
 81 |       <Filter>Source Files\pluginsdk</Filter>
 82 |     </ClInclude>
 83 |     <ClInclude Include="pluginsdk\_scriptapi_label.h">
 84 |       <Filter>Source Files\pluginsdk</Filter>
 85 |     </ClInclude>
 86 |     <ClInclude Include="pluginsdk\_scriptapi_memory.h">
 87 |       <Filter>Source Files\pluginsdk</Filter>
 88 |     </ClInclude>
 89 |     <ClInclude Include="pluginsdk\_scriptapi_misc.h">
 90 |       <Filter>Source Files\pluginsdk</Filter>
 91 |     </ClInclude>
 92 |     <ClInclude Include="pluginsdk\_scriptapi_module.h">
 93 |       <Filter>Source Files\pluginsdk</Filter>
 94 |     </ClInclude>
 95 |     <ClInclude Include="pluginsdk\_scriptapi_pattern.h">
 96 |       <Filter>Source Files\pluginsdk</Filter>
 97 |     </ClInclude>
 98 |     <ClInclude Include="pluginsdk\_scriptapi_register.h">
 99 |       <Filter>Source Files\pluginsdk</Filter>
100 |     </ClInclude>
101 |     <ClInclude Include="pluginsdk\_scriptapi_stack.h">
102 |       <Filter>Source Files\pluginsdk</Filter>
103 |     </ClInclude>
104 |     <ClInclude Include="pluginsdk\_scriptapi_symbol.h">
105 |       <Filter>Source Files\pluginsdk</Filter>
106 |     </ClInclude>
107 |     <ClInclude Include="pluginsdk\bridgegraph.h">
108 |       <Filter>Source Files\pluginsdk</Filter>
109 |     </ClInclude>
110 |     <ClInclude Include="pluginsdk\bridgelist.h">
111 |       <Filter>Source Files\pluginsdk</Filter>
112 |     </ClInclude>
113 |     <ClInclude Include="pluginsdk\bridgemain.h">
114 |       <Filter>Source Files\pluginsdk</Filter>
115 |     </ClInclude>
116 |     <ClInclude Include="ThreadTraceDialog.h">
117 |       <Filter>Source Files</Filter>
118 |     </ClInclude>
119 |     <ClInclude Include="plugin_global.h">
120 |       <Filter>Source Files</Filter>
121 |     </ClInclude>
122 |   </ItemGroup>
123 |   <ItemGroup>
124 |     <ResourceCompile Include="BranchTrace-x64plugin.rc">
125 |       <Filter>Resource Files</Filter>
126 |     </ResourceCompile>
127 |   </ItemGroup>
128 |   <ItemGroup>
129 |     <ClCompile Include="BranchTrace-x64plugin.cpp">
130 |       <Filter>mfc</Filter>
131 |     </ClCompile>
132 |     <ClCompile Include="plugin.cpp">
133 |       <Filter>Source Files</Filter>
134 |     </ClCompile>
135 |     <ClCompile Include="ThreadTraceDialog.cpp">
136 |       <Filter>Source Files</Filter>
137 |     </ClCompile>
138 |   </ItemGroup>
139 |   <ItemGroup>
140 |     <Library Include="pluginsdk\x32bridge.lib">
141 |       <Filter>Source Files\pluginsdk</Filter>
142 |     </Library>
143 |     <Library Include="pluginsdk\x32dbg.lib">
144 |       <Filter>Source Files\pluginsdk</Filter>
145 |     </Library>
146 |     <Library Include="pluginsdk\x64bridge.lib">
147 |       <Filter>Source Files\pluginsdk</Filter>
148 |     </Library>
149 |     <Library Include="pluginsdk\x64dbg.lib">
150 |       <Filter>Source Files\pluginsdk</Filter>
151 |     </Library>
152 |   </ItemGroup>
153 |   <ItemGroup>
154 |     <Image Include="res\trace.png">
155 |       <Filter>Resource Files</Filter>
156 |     </Image>
157 |     <Image Include="res\Thread.png">
158 |       <Filter>Resource Files</Filter>
159 |     </Image>
160 |   </ItemGroup>
161 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/BranchTrace-x64plugin.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 4 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
 5 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
 6 |   </PropertyGroup>
 7 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 8 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
 9 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
10 |   </PropertyGroup>
11 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
12 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
13 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
14 |   </PropertyGroup>
15 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
16 |     <LocalDebuggerCommand>E:\Projects\x64dbg_plugins\x64dbg\x$(PlatformArchitecture)\x$(PlatformArchitecture)dbg.exe</LocalDebuggerCommand>
17 |     <DebuggerFlavor>WindowsLocalDebugger</DebuggerFlavor>
18 |   </PropertyGroup>
19 |   <PropertyGroup>
20 |     <RESOURCE_FILE>BranchTrace-x64plugin.rc</RESOURCE_FILE>
21 |   </PropertyGroup>
22 | </Project>


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/ThreadTraceDialog.cpp:
--------------------------------------------------------------------------------
 1 | // ThreadTraceDialog.cpp : implementation file
 2 | //
 3 | 
 4 | #include "pch.h"
 5 | #include "BranchTrace-x64plugin.h"
 6 | #include "ThreadTraceDialog.h"
 7 | #include "afxdialogex.h"
 8 | #include "pluginsdk/bridgemain.h"
 9 | #include "pluginsdk/_plugins.h"
10 | 
11 | 
12 | // ThreadTraceDialog dialog
13 | 
14 | IMPLEMENT_DYNAMIC(CThreadTraceDialog, CDialog)
15 | 
16 | CThreadTraceDialog::CThreadTraceDialog(CWnd* pParent /*=nullptr*/)
17 |     : CDialog(IDD_DIALOG_THREAD_TRACE, pParent)
18 | {
19 | 
20 | }
21 | 
22 | CThreadTraceDialog::~CThreadTraceDialog()
23 | {
24 | }
25 | 
26 | void CThreadTraceDialog::DoDataExchange(CDataExchange* pDX)
27 | {
28 |     CDialog::DoDataExchange(pDX);
29 |     DDX_Control(pDX, IDC_COMBO_THREAD, threadCombo);
30 | }
31 | 
32 | 
33 | BEGIN_MESSAGE_MAP(CThreadTraceDialog, CDialog)
34 |     ON_CBN_DROPDOWN(IDC_COMBO_THREAD, &CThreadTraceDialog::OnCbnDropdownComboThread)
35 | END_MESSAGE_MAP()
36 | 
37 | 
38 | // ThreadTraceDialog message handlers
39 | 
40 | 
41 | void CThreadTraceDialog::OnCbnDropdownComboThread()
42 | {
43 |     // TODO: Add your control notification handler code here
44 |     THREADLIST threadList;
45 |     DbgGetThreadList(&threadList);
46 | 
47 |     threadCombo.ResetContent();
48 | 
49 |     for (size_t i = 0; i < threadList.count; i++)
50 |     {
51 |         THREADALLINFO* thread = &threadList.list[i];
52 | 
53 |         bool isMainThread = thread->BasicInfo.ThreadNumber == 0;
54 |         bool isCurrentThead = i == threadList.CurrentThread;
55 | 
56 |         CString str;
57 |         str.Format("[%d] thread-%x %s %s", i, thread->BasicInfo.ThreadId, isMainThread ? "[main]" : "", isCurrentThead ? "[current]" : "");
58 |         threadCombo.InsertString(i, str);
59 |         threadCombo.SetItemData(i, thread->BasicInfo.ThreadId);
60 | 
61 |         if (isMainThread) {
62 |             threadCombo.SetCurSel(i);
63 |         }
64 | 
65 |     }
66 | }
67 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/ThreadTraceDialog.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | 
 4 | // ThreadTraceDialog dialog
 5 | 
 6 | class CThreadTraceDialog : public CDialog
 7 | {
 8 | 	DECLARE_DYNAMIC(CThreadTraceDialog)
 9 | 
10 | public:
11 | 	CThreadTraceDialog(CWnd* pParent = nullptr);   // standard constructor
12 | 	virtual ~CThreadTraceDialog();
13 | 
14 | // Dialog Data
15 | #ifdef AFX_DESIGN_TIME
16 | 	enum { IDD = IDD_DIALOG_THREAD_TRACE };
17 | #endif
18 | 
19 | protected:
20 | 	virtual void DoDataExchange(CDataExchange* pDX);    // DDX/DDV support
21 | 
22 | 	DECLARE_MESSAGE_MAP()
23 | public:
24 | 	CComboBox threadCombo;
25 | 	afx_msg void OnCbnDropdownComboThread();
26 | };
27 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/framework.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #ifndef VC_EXTRALEAN
 4 | #define VC_EXTRALEAN            // Exclude rarely-used stuff from Windows headers
 5 | #endif
 6 | 
 7 | #include "targetver.h"
 8 | 
 9 | #define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS      // some CString constructors will be explicit
10 | 
11 | #include <afxwin.h>         // MFC core and standard components
12 | #include <afxext.h>         // MFC extensions
13 | 
14 | #ifndef _AFX_NO_OLE_SUPPORT
15 | #include <afxole.h>         // MFC OLE classes
16 | #include <afxodlgs.h>       // MFC OLE dialog classes
17 | #include <afxdisp.h>        // MFC Automation classes
18 | #endif // _AFX_NO_OLE_SUPPORT
19 | 
20 | #ifndef _AFX_NO_DB_SUPPORT
21 | #include <afxdb.h>                      // MFC ODBC database classes
22 | #endif // _AFX_NO_DB_SUPPORT
23 | 
24 | #ifndef _AFX_NO_DAO_SUPPORT
25 | #include <afxdao.h>                     // MFC DAO database classes
26 | #endif // _AFX_NO_DAO_SUPPORT
27 | 
28 | #ifndef _AFX_NO_OLE_SUPPORT
29 | #include <afxdtctl.h>           // MFC support for Internet Explorer 4 Common Controls
30 | #endif
31 | #ifndef _AFX_NO_AFXCMN_SUPPORT
32 | #include <afxcmn.h>                     // MFC support for Windows Common Controls
33 | #endif // _AFX_NO_AFXCMN_SUPPORT
34 | 
35 | 
36 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/pch.h:
--------------------------------------------------------------------------------
 1 | // pch.h: This is a precompiled header file.
 2 | // Files listed below are compiled only once, improving build performance for future builds.
 3 | // This also affects IntelliSense performance, including code completion and many code browsing features.
 4 | // However, files listed here are ALL re-compiled if any one of them is updated between builds.
 5 | // Do not add files here that you will be updating frequently as this negates the performance advantage.
 6 | 
 7 | #ifndef PCH_H
 8 | #define PCH_H
 9 | 
10 | // add headers that you want to pre-compile here
11 | #include "framework.h"
12 | 
13 | #endif //PCH_H
14 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/plugin.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/plugin.cpp


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/plugin.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/plugin.h


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/plugin_global.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include "pch.h"
 3 | #include "ThreadTraceDialog.h"
 4 | 
 5 | class PluginGlobal {
 6 | 
 7 | public:
 8 |     CThreadTraceDialog* threadTraceDialog;
 9 | 
10 | private:
11 |     PluginGlobal() :threadTraceDialog(NULL) {
12 |         AFX_MANAGE_STATE(AfxGetStaticModuleState());
13 |         threadTraceDialog = new CThreadTraceDialog();
14 |     };
15 | 
16 | public:
17 |     ~PluginGlobal() {
18 |         CloseAll();
19 |     }
20 | 
21 | public:
22 |     static PluginGlobal* GetInstance() {
23 |         static PluginGlobal pluginGlobal;
24 |         return &pluginGlobal;
25 |     }
26 | 
27 |     void ShowDlgThreadTrace() {
28 |         auto showdlg = [](LPVOID data) -> DWORD {
29 |             AFX_MANAGE_STATE(AfxGetStaticModuleState());
30 |             PluginGlobal* pluginglobal = (PluginGlobal*)data;
31 |             pluginglobal->threadTraceDialog->DoModal();
32 |             return 0;
33 |         };
34 | 
35 |         AFX_MANAGE_STATE(AfxGetStaticModuleState());
36 |         HANDLE thread = CreateThread(NULL, 0, showdlg, this, 0, NULL);
37 |         if (thread != NULL) {
38 |             CloseHandle(thread);
39 |         }
40 |     };
41 | 
42 |     void CloseAll() {
43 |         SendMessage(threadTraceDialog->m_hWnd, WM_CLOSE, 0, 0);
44 |     }
45 | };
46 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/res/BranchTrace-x64plugin.rc2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/res/BranchTrace-x64plugin.rc2


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/res/Thread.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/res/Thread.png


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/res/trace.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTrace-x64plugin/res/trace.png


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/resource.h:
--------------------------------------------------------------------------------
 1 | //{{NO_DEPENDENCIES}}
 2 | // Microsoft Visual C++ generated include file.
 3 | // Used by BranchTrace-x64plugin.rc
 4 | //
 5 | #define IDB_PNG1                        1000
 6 | #define IDB_PNG_TRACE                   1000
 7 | #define IDC_COMBO_THREAD                1000
 8 | #define IDB_PNG_THREAD                  1001
 9 | #define IDC_BUTTON1                     1001
10 | #define IDD_DIALOG_THREAD_TRACE         1002
11 | #define IDC_BUTTON3                     1003
12 | 
13 | // Next default values for new objects
14 | // 
15 | #ifdef APSTUDIO_INVOKED
16 | #ifndef APSTUDIO_READONLY_SYMBOLS
17 | #define _APS_NEXT_RESOURCE_VALUE        1004
18 | #define _APS_NEXT_COMMAND_VALUE         32771
19 | #define _APS_NEXT_CONTROL_VALUE         1010
20 | #define _APS_NEXT_SYMED_VALUE           1000
21 | #endif
22 | #endif
23 | 


--------------------------------------------------------------------------------
/BranchTrace-x64plugin/targetver.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | 
3 | // Including SDKDDKVer.h defines the highest available Windows platform.
4 | 
5 | // If you wish to build your application for a previous Windows platform, include WinSDKVer.h and
6 | // set the _WIN32_WINNT macro to the platform you wish to support before including SDKDDKVer.h.
7 | 
8 | #include <SDKDDKVer.h>
9 | 


--------------------------------------------------------------------------------
/BranchTraceExe/BrachTraceExe.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <VCProjectVersion>16.0</VCProjectVersion>
 23 |     <ProjectGuid>{8D95F0D0-2975-4A8B-9499-317C50E55264}</ProjectGuid>
 24 |     <RootNamespace>BrachTraceExe</RootNamespace>
 25 |     <WindowsTargetPlatformVersion>10.0</WindowsTargetPlatformVersion>
 26 |   </PropertyGroup>
 27 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 28 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 29 |     <ConfigurationType>Application</ConfigurationType>
 30 |     <UseDebugLibraries>true</UseDebugLibraries>
 31 |     <PlatformToolset>v142</PlatformToolset>
 32 |     <CharacterSet>Unicode</CharacterSet>
 33 |   </PropertyGroup>
 34 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 35 |     <ConfigurationType>Application</ConfigurationType>
 36 |     <UseDebugLibraries>false</UseDebugLibraries>
 37 |     <PlatformToolset>v142</PlatformToolset>
 38 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 39 |     <CharacterSet>Unicode</CharacterSet>
 40 |   </PropertyGroup>
 41 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 42 |     <ConfigurationType>Application</ConfigurationType>
 43 |     <UseDebugLibraries>true</UseDebugLibraries>
 44 |     <PlatformToolset>v142</PlatformToolset>
 45 |     <CharacterSet>Unicode</CharacterSet>
 46 |   </PropertyGroup>
 47 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 48 |     <ConfigurationType>Application</ConfigurationType>
 49 |     <UseDebugLibraries>false</UseDebugLibraries>
 50 |     <PlatformToolset>v142</PlatformToolset>
 51 |     <WholeProgramOptimization>true</WholeProgramOptimization>
 52 |     <CharacterSet>Unicode</CharacterSet>
 53 |   </PropertyGroup>
 54 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 55 |   <ImportGroup Label="ExtensionSettings">
 56 |   </ImportGroup>
 57 |   <ImportGroup Label="Shared">
 58 |   </ImportGroup>
 59 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 60 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 61 |   </ImportGroup>
 62 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 63 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 64 |   </ImportGroup>
 65 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 66 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 67 |   </ImportGroup>
 68 |   <ImportGroup Label="PropertySheets" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 69 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 70 |   </ImportGroup>
 71 |   <PropertyGroup Label="UserMacros" />
 72 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 73 |     <LinkIncremental>false</LinkIncremental>
 74 |   </PropertyGroup>
 75 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 76 |     <LinkIncremental>true</LinkIncremental>
 77 |   </PropertyGroup>
 78 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 79 |     <LinkIncremental>true</LinkIncremental>
 80 |   </PropertyGroup>
 81 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 82 |     <LinkIncremental>false</LinkIncremental>
 83 |   </PropertyGroup>
 84 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 85 |     <ClCompile>
 86 |       <WarningLevel>Level3</WarningLevel>
 87 |       <FunctionLevelLinking>true</FunctionLevelLinking>
 88 |       <IntrinsicFunctions>true</IntrinsicFunctions>
 89 |       <SDLCheck>true</SDLCheck>
 90 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
 91 |       <ConformanceMode>true</ConformanceMode>
 92 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
 93 |     </ClCompile>
 94 |     <Link>
 95 |       <SubSystem>Console</SubSystem>
 96 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
 97 |       <OptimizeReferences>true</OptimizeReferences>
 98 |       <GenerateDebugInformation>true</GenerateDebugInformation>
 99 |     </Link>
100 |   </ItemDefinitionGroup>
101 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
102 |     <ClCompile>
103 |       <WarningLevel>Level3</WarningLevel>
104 |       <SDLCheck>true</SDLCheck>
105 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
106 |       <ConformanceMode>true</ConformanceMode>
107 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
108 |     </ClCompile>
109 |     <Link>
110 |       <SubSystem>Console</SubSystem>
111 |       <GenerateDebugInformation>true</GenerateDebugInformation>
112 |     </Link>
113 |   </ItemDefinitionGroup>
114 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
115 |     <ClCompile>
116 |       <WarningLevel>Level3</WarningLevel>
117 |       <SDLCheck>true</SDLCheck>
118 |       <PreprocessorDefinitions>_DEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
119 |       <ConformanceMode>true</ConformanceMode>
120 |       <RuntimeLibrary>MultiThreadedDebug</RuntimeLibrary>
121 |     </ClCompile>
122 |     <Link>
123 |       <SubSystem>Console</SubSystem>
124 |       <GenerateDebugInformation>true</GenerateDebugInformation>
125 |     </Link>
126 |   </ItemDefinitionGroup>
127 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
128 |     <ClCompile>
129 |       <WarningLevel>Level3</WarningLevel>
130 |       <FunctionLevelLinking>true</FunctionLevelLinking>
131 |       <IntrinsicFunctions>true</IntrinsicFunctions>
132 |       <SDLCheck>true</SDLCheck>
133 |       <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
134 |       <ConformanceMode>true</ConformanceMode>
135 |       <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
136 |     </ClCompile>
137 |     <Link>
138 |       <SubSystem>Console</SubSystem>
139 |       <EnableCOMDATFolding>true</EnableCOMDATFolding>
140 |       <OptimizeReferences>true</OptimizeReferences>
141 |       <GenerateDebugInformation>true</GenerateDebugInformation>
142 |     </Link>
143 |   </ItemDefinitionGroup>
144 |   <ItemGroup>
145 |     <ClCompile Include="brach-trace-exe.cpp" />
146 |   </ItemGroup>
147 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
148 |   <ImportGroup Label="ExtensionTargets">
149 |   </ImportGroup>
150 | </Project>


--------------------------------------------------------------------------------
/BranchTraceExe/BrachTraceExe.vcxproj.filters:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <ItemGroup>
 4 |     <Filter Include="Source Files">
 5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
 6 |       <Extensions>cpp;c;cc;cxx;c++;def;odl;idl;hpj;bat;asm;asmx</Extensions>
 7 |     </Filter>
 8 |     <Filter Include="Header Files">
 9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
10 |       <Extensions>h;hh;hpp;hxx;h++;hm;inl;inc;ipp;xsd</Extensions>
11 |     </Filter>
12 |     <Filter Include="Resource Files">
13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
15 |     </Filter>
16 |   </ItemGroup>
17 |   <ItemGroup>
18 |     <ClCompile Include="brach-trace-exe.cpp">
19 |       <Filter>Source Files</Filter>
20 |     </ClCompile>
21 |   </ItemGroup>
22 | </Project>


--------------------------------------------------------------------------------
/BranchTraceExe/BrachTraceExe.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 4 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
 5 |     <RemoteDebuggerCommand>$(TargetPath)</RemoteDebuggerCommand>
 6 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
 7 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
 8 |   </PropertyGroup>
 9 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
10 |     <RemoteDebuggerCommand>$(TargetPath)</RemoteDebuggerCommand>
11 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
12 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
13 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
14 |   </PropertyGroup>
15 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
16 |     <RemoteDebuggerCommand>$(TargetPath)</RemoteDebuggerCommand>
17 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
18 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
19 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
20 |   </PropertyGroup>
21 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
22 |     <RemoteDebuggerCommand>$(TargetPath)</RemoteDebuggerCommand>
23 |     <DebuggerFlavor>WindowsRemoteDebugger</DebuggerFlavor>
24 |     <RemoteDebuggerServerName>192.168.3.7</RemoteDebuggerServerName>
25 |     <RemoteDebuggerConnection>RemoteWithoutAuthentication</RemoteDebuggerConnection>
26 |   </PropertyGroup>
27 | </Project>


--------------------------------------------------------------------------------
/BranchTraceExe/brach-trace-exe.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTraceExe/brach-trace-exe.cpp


--------------------------------------------------------------------------------
/BranchTracerSys/BranchTracerSys.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/BranchTracerSys.cpp


--------------------------------------------------------------------------------
/BranchTracerSys/BranchTracerSys.vcxproj:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project DefaultTargets="Build" ToolsVersion="12.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup Label="ProjectConfigurations">
  4 |     <ProjectConfiguration Include="Debug|Win32">
  5 |       <Configuration>Debug</Configuration>
  6 |       <Platform>Win32</Platform>
  7 |     </ProjectConfiguration>
  8 |     <ProjectConfiguration Include="Release|Win32">
  9 |       <Configuration>Release</Configuration>
 10 |       <Platform>Win32</Platform>
 11 |     </ProjectConfiguration>
 12 |     <ProjectConfiguration Include="Debug|x64">
 13 |       <Configuration>Debug</Configuration>
 14 |       <Platform>x64</Platform>
 15 |     </ProjectConfiguration>
 16 |     <ProjectConfiguration Include="Release|x64">
 17 |       <Configuration>Release</Configuration>
 18 |       <Platform>x64</Platform>
 19 |     </ProjectConfiguration>
 20 |   </ItemGroup>
 21 |   <PropertyGroup Label="Globals">
 22 |     <ProjectGuid>{D043300D-A14F-4E73-99A3-73C48E142404}</ProjectGuid>
 23 |     <TemplateGuid>{dd38f7fc-d7bd-488b-9242-7d8754cde80d}</TemplateGuid>
 24 |     <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
 25 |     <MinimumVisualStudioVersion>12.0</MinimumVisualStudioVersion>
 26 |     <Configuration>Debug</Configuration>
 27 |     <Platform Condition="'$(Platform)' == ''">Win32</Platform>
 28 |     <RootNamespace>BranchTracerSys</RootNamespace>
 29 |   </PropertyGroup>
 30 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
 31 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'" Label="Configuration">
 32 |     <TargetVersion>Windows7</TargetVersion>
 33 |     <UseDebugLibraries>true</UseDebugLibraries>
 34 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 35 |     <ConfigurationType>Driver</ConfigurationType>
 36 |     <DriverType>WDM</DriverType>
 37 |   </PropertyGroup>
 38 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
 39 |     <TargetVersion>Windows7</TargetVersion>
 40 |     <UseDebugLibraries>false</UseDebugLibraries>
 41 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 42 |     <ConfigurationType>Driver</ConfigurationType>
 43 |     <DriverType>WDM</DriverType>
 44 |   </PropertyGroup>
 45 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'" Label="Configuration">
 46 |     <TargetVersion>Windows7</TargetVersion>
 47 |     <UseDebugLibraries>true</UseDebugLibraries>
 48 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 49 |     <ConfigurationType>Driver</ConfigurationType>
 50 |     <DriverType>WDM</DriverType>
 51 |   </PropertyGroup>
 52 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
 53 |     <TargetVersion>Windows7</TargetVersion>
 54 |     <UseDebugLibraries>false</UseDebugLibraries>
 55 |     <PlatformToolset>WindowsKernelModeDriver10.0</PlatformToolset>
 56 |     <ConfigurationType>Driver</ConfigurationType>
 57 |     <DriverType>WDM</DriverType>
 58 |   </PropertyGroup>
 59 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
 60 |   <ImportGroup Label="ExtensionSettings">
 61 |   </ImportGroup>
 62 |   <ImportGroup Label="PropertySheets">
 63 |     <Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
 64 |   </ImportGroup>
 65 |   <PropertyGroup Label="UserMacros" />
 66 |   <PropertyGroup />
 67 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 68 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 69 |   </PropertyGroup>
 70 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 71 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 72 |   </PropertyGroup>
 73 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 74 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 75 |     <ExcludePath>$(ExcludePath)</ExcludePath>
 76 |   </PropertyGroup>
 77 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 78 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 79 |     <ExcludePath>$(ExcludePath)</ExcludePath>
 80 |   </PropertyGroup>
 81 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
 82 |     <ClCompile>
 83 |       <WarningLevel>Level3</WarningLevel>
 84 |     </ClCompile>
 85 |   </ItemDefinitionGroup>
 86 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
 87 |     <ClCompile>
 88 |       <WarningLevel>Level3</WarningLevel>
 89 |     </ClCompile>
 90 |   </ItemDefinitionGroup>
 91 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 92 |     <ClCompile>
 93 |       <WarningLevel>Level3</WarningLevel>
 94 |     </ClCompile>
 95 |   </ItemDefinitionGroup>
 96 |   <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 97 |     <ClCompile>
 98 |       <WarningLevel>Level3</WarningLevel>
 99 |     </ClCompile>
100 |   </ItemDefinitionGroup>
101 |   <ItemGroup>
102 |     <FilesToPackage Include="$(TargetPath)" />
103 |   </ItemGroup>
104 |   <ItemGroup>
105 |     <ClCompile Include="BranchTracerSys.cpp" />
106 |     <ClCompile Include="bts\bts.cpp" />
107 |     <ClCompile Include="kernel-hooks\Hooks.cpp" />
108 |     <ClCompile Include="kernel-hooks\LDasm.c" />
109 |     <ClCompile Include="kernel-tools\apc_ex.c" />
110 |     <ClCompile Include="kernel-tools\KernelBase.c" />
111 |   </ItemGroup>
112 |   <ItemGroup>
113 |     <None Include="asm\cpu.inc" />
114 |   </ItemGroup>
115 |   <ItemGroup>
116 |     <ClInclude Include="asm\debug.h" />
117 |     <ClInclude Include="bts\bts.h" />
118 |     <ClInclude Include="ioctls.h" />
119 |     <ClInclude Include="kernel-hooks\Hooks.h" />
120 |     <ClInclude Include="kernel-hooks\LDasm.h" />
121 |     <ClInclude Include="kernel-tools\apc_ex.h" />
122 |     <ClInclude Include="kernel-tools\KernelBase.h" />
123 |     <ClInclude Include="kernel-tools\my_ntstatus.h" />
124 |     <ClInclude Include="kernel-tools\nt_enums.h" />
125 |     <ClInclude Include="kernel-tools\nt_imports.h" />
126 |     <ClInclude Include="kernel-tools\nt_include.h" />
127 |     <ClInclude Include="kernel-tools\nt_structs.h" />
128 |   </ItemGroup>
129 |   <ItemGroup>
130 |     <MASM Include="asm\debug32.asm">
131 |       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
132 |       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
133 |     </MASM>
134 |     <MASM Include="asm\debug64.asm">
135 |       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
136 |       <ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
137 |     </MASM>
138 |   </ItemGroup>
139 |   <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
140 |   <ImportGroup Label="ExtensionTargets">
141 |   </ImportGroup>
142 | </Project>


--------------------------------------------------------------------------------
/BranchTracerSys/BranchTracerSys.vcxproj.filters:
--------------------------------------------------------------------------------
  1 | <?xml version="1.0" encoding="utf-8"?>
  2 | <Project ToolsVersion="4.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
  3 |   <ItemGroup>
  4 |     <Filter Include="Source Files">
  5 |       <UniqueIdentifier>{4FC737F1-C7A5-4376-A066-2A32D752A2FF}</UniqueIdentifier>
  6 |       <Extensions>cpp;c;cc;cxx;def;odl;idl;hpj;bat;asm;asmx</Extensions>
  7 |     </Filter>
  8 |     <Filter Include="Header Files">
  9 |       <UniqueIdentifier>{93995380-89BD-4b04-88EB-625FBE52EBFB}</UniqueIdentifier>
 10 |       <Extensions>h;hpp;hxx;hm;inl;inc;xsd</Extensions>
 11 |     </Filter>
 12 |     <Filter Include="Resource Files">
 13 |       <UniqueIdentifier>{67DA6AB6-F800-4c08-8B7A-83BB121AAD01}</UniqueIdentifier>
 14 |       <Extensions>rc;ico;cur;bmp;dlg;rc2;rct;bin;rgs;gif;jpg;jpeg;jpe;resx;tiff;tif;png;wav;mfcribbon-ms</Extensions>
 15 |     </Filter>
 16 |     <Filter Include="Driver Files">
 17 |       <UniqueIdentifier>{8E41214B-6785-4CFE-B992-037D68949A14}</UniqueIdentifier>
 18 |       <Extensions>inf;inv;inx;mof;mc;</Extensions>
 19 |     </Filter>
 20 |     <Filter Include="Source Files\asm">
 21 |       <UniqueIdentifier>{aead6267-5d84-45db-93fb-fffdf2f6343a}</UniqueIdentifier>
 22 |     </Filter>
 23 |     <Filter Include="Source Files\bts">
 24 |       <UniqueIdentifier>{6c897276-9fe2-4ee8-b5d8-aef592f9ec56}</UniqueIdentifier>
 25 |     </Filter>
 26 |     <Filter Include="Source Files\kernel-hooks">
 27 |       <UniqueIdentifier>{1e45e513-6ea4-404a-8351-80b8d58a97a4}</UniqueIdentifier>
 28 |     </Filter>
 29 |     <Filter Include="Source Files\kernel-tools">
 30 |       <UniqueIdentifier>{4d201744-e4c5-44ef-b184-a359e3015b45}</UniqueIdentifier>
 31 |     </Filter>
 32 |   </ItemGroup>
 33 |   <ItemGroup>
 34 |     <ClCompile Include="BranchTracerSys.cpp">
 35 |       <Filter>Source Files</Filter>
 36 |     </ClCompile>
 37 |     <ClCompile Include="kernel-hooks\Hooks.cpp">
 38 |       <Filter>Source Files\kernel-hooks</Filter>
 39 |     </ClCompile>
 40 |     <ClCompile Include="kernel-hooks\LDasm.c">
 41 |       <Filter>Source Files\kernel-hooks</Filter>
 42 |     </ClCompile>
 43 |     <ClCompile Include="kernel-tools\apc_ex.c">
 44 |       <Filter>Source Files\kernel-tools</Filter>
 45 |     </ClCompile>
 46 |     <ClCompile Include="kernel-tools\KernelBase.c">
 47 |       <Filter>Source Files\kernel-tools</Filter>
 48 |     </ClCompile>
 49 |     <ClCompile Include="bts\bts.cpp">
 50 |       <Filter>Source Files\bts</Filter>
 51 |     </ClCompile>
 52 |   </ItemGroup>
 53 |   <ItemGroup>
 54 |     <None Include="asm\cpu.inc">
 55 |       <Filter>Source Files\asm</Filter>
 56 |     </None>
 57 |   </ItemGroup>
 58 |   <ItemGroup>
 59 |     <ClInclude Include="asm\debug.h">
 60 |       <Filter>Source Files\asm</Filter>
 61 |     </ClInclude>
 62 |     <ClInclude Include="bts\bts.h">
 63 |       <Filter>Source Files\bts</Filter>
 64 |     </ClInclude>
 65 |     <ClInclude Include="kernel-hooks\Hooks.h">
 66 |       <Filter>Source Files\kernel-hooks</Filter>
 67 |     </ClInclude>
 68 |     <ClInclude Include="kernel-hooks\LDasm.h">
 69 |       <Filter>Source Files\kernel-hooks</Filter>
 70 |     </ClInclude>
 71 |     <ClInclude Include="kernel-tools\apc_ex.h">
 72 |       <Filter>Source Files\kernel-tools</Filter>
 73 |     </ClInclude>
 74 |     <ClInclude Include="kernel-tools\KernelBase.h">
 75 |       <Filter>Source Files\kernel-tools</Filter>
 76 |     </ClInclude>
 77 |     <ClInclude Include="kernel-tools\my_ntstatus.h">
 78 |       <Filter>Source Files\kernel-tools</Filter>
 79 |     </ClInclude>
 80 |     <ClInclude Include="kernel-tools\nt_enums.h">
 81 |       <Filter>Source Files\kernel-tools</Filter>
 82 |     </ClInclude>
 83 |     <ClInclude Include="kernel-tools\nt_imports.h">
 84 |       <Filter>Source Files\kernel-tools</Filter>
 85 |     </ClInclude>
 86 |     <ClInclude Include="kernel-tools\nt_include.h">
 87 |       <Filter>Source Files\kernel-tools</Filter>
 88 |     </ClInclude>
 89 |     <ClInclude Include="kernel-tools\nt_structs.h">
 90 |       <Filter>Source Files\kernel-tools</Filter>
 91 |     </ClInclude>
 92 |     <ClInclude Include="ioctls.h">
 93 |       <Filter>Source Files</Filter>
 94 |     </ClInclude>
 95 |   </ItemGroup>
 96 |   <ItemGroup>
 97 |     <MASM Include="asm\debug32.asm">
 98 |       <Filter>Source Files\asm</Filter>
 99 |     </MASM>
100 |     <MASM Include="asm\debug64.asm">
101 |       <Filter>Source Files\asm</Filter>
102 |     </MASM>
103 |   </ItemGroup>
104 | </Project>


--------------------------------------------------------------------------------
/BranchTracerSys/BranchTracerSys.vcxproj.user:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <Project ToolsVersion="Current" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 3 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
 4 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 5 |     <DbgengKernelMachineName>Thinkpad T460s</DbgengKernelMachineName>
 6 |   </PropertyGroup>
 7 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
 8 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
 9 |     <DbgengKernelMachineName>Thinkpad T460s</DbgengKernelMachineName>
10 |   </PropertyGroup>
11 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">
12 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
13 |     <DbgengKernelMachineName>Thinkpad T460s</DbgengKernelMachineName>
14 |   </PropertyGroup>
15 |   <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">
16 |     <DebuggerFlavor>DbgengKernelDebugger</DebuggerFlavor>
17 |     <DbgengKernelMachineName>Thinkpad T460s</DbgengKernelMachineName>
18 |   </PropertyGroup>
19 | </Project>


--------------------------------------------------------------------------------
/BranchTracerSys/asm/cpu.inc:
--------------------------------------------------------------------------------
1 | IA32_MISC_ENABLE    EQU		1A0H
2 | IA32_DS_AREA		EQU		600H
3 | IA32_DEBUGCTL		EQU		1D9H
4 | 


--------------------------------------------------------------------------------
/BranchTracerSys/asm/debug.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/asm/debug.h


--------------------------------------------------------------------------------
/BranchTracerSys/asm/debug32.asm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/asm/debug32.asm


--------------------------------------------------------------------------------
/BranchTracerSys/asm/debug64.asm:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/asm/debug64.asm


--------------------------------------------------------------------------------
/BranchTracerSys/bts/bts.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/bts/bts.cpp


--------------------------------------------------------------------------------
/BranchTracerSys/bts/bts.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/bts/bts.h


--------------------------------------------------------------------------------
/BranchTracerSys/ioctls.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | 
 3 | #ifdef _WDMDDK_
 4 | #include <ntddk.h>
 5 | #else
 6 | #include <windows.h>
 7 | #endif
 8 | 
 9 | #define IOCTL_START_THREAD_TRACE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x808, METHOD_BUFFERED, FILE_ANY_ACCESS)
10 | #define IOCTL_STOP_THREAD_TRACE CTL_CODE(FILE_DEVICE_UNKNOWN, 0x809, METHOD_BUFFERED, FILE_ANY_ACCESS)
11 | 
12 | 
13 | typedef struct _START_THREAD_TRACE_PARAM {
14 |     union
15 |     {
16 |         ULONG_PTR ThreadId;
17 |         ULONG64 ullThreadId;
18 |     };
19 | }START_THREAD_TRACE_PARAM, * PSTART_THREAD_TRACE_PARAM;
20 | 
21 | typedef struct _STOP_THREAD_TRACE_PARAM {
22 |     union
23 |     {
24 |         ULONG_PTR ThreadId;
25 |         ULONG64 ullThreadId;
26 |     };
27 | 
28 |     union {
29 |         ULONG_PTR FilterStart;
30 |         ULONG64 ullFilterStart;
31 |     };
32 | 
33 |     union {
34 |         ULONG_PTR FilterEnd;
35 |         ULONG64 ullFilterStop;
36 |     };
37 | 
38 |     union {
39 |         SIZE_T ReadSize;
40 |         ULONG64 ullReadSize;
41 |     };
42 | 
43 |     union {
44 |         PVOID Buffer;
45 |         ULONG64 ullBuffer;
46 |     };
47 |     union {
48 |         SIZE_T BufferSize;
49 |         ULONG64 ullBufferSize;
50 |     };
51 | 
52 | 
53 | }STOP_THREAD_TRACE_PARAM, * PSTOP_THREAD_TRACE_PARAM;
54 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-hooks/Hooks.cpp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/kernel-hooks/Hooks.cpp


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-hooks/Hooks.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/kernel-hooks/Hooks.h


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-hooks/LDasm.h:
--------------------------------------------------------------------------------
 1 | #ifndef _LDASM_
 2 | #define _LDASM_
 3 | 
 4 | #include <ntddk.h>
 5 | 
 6 | #ifdef _WIN64
 7 | #define is_x64 1
 8 | #else
 9 | #define is_x64 0
10 | #endif//USE64
11 | 
12 | #ifdef __cplusplus
13 | extern "C"
14 | {
15 | #endif
16 | 
17 | #define F_INVALID       0x01
18 | #define F_PREFIX        0x02
19 | #define F_REX           0x04
20 | #define F_MODRM         0x08
21 | #define F_SIB           0x10
22 | #define F_DISP          0x20
23 | #define F_IMM           0x40
24 | #define F_RELATIVE      0x80
25 | 
26 | typedef struct _ldasm_data
27 | {
28 |     UINT8 flags;
29 |     UINT8 rex;
30 |     UINT8 modrm;
31 |     UINT8 sib;
32 |     UINT8 opcd_offset;
33 |     UINT8 opcd_size;
34 |     UINT8 disp_offset;
35 |     UINT8 disp_size;
36 |     UINT8 imm_offset;
37 |     UINT8 imm_size;
38 | } ldasm_data;
39 | 
40 | unsigned int __fastcall ldasm(void* code, ldasm_data* ld, UINT32 is64);
41 | unsigned long __fastcall SizeOfProc(void* Proc);
42 | void* __fastcall ResolveJmp(void* Proc);
43 | 
44 | #ifdef __cplusplus
45 | }
46 | #endif
47 | 
48 | #endif//_LDASM_
49 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/KernelBase.c:
--------------------------------------------------------------------------------
 1 | #include "KernelBase.h"
 2 | 
 3 | #include "nt_imports.h"
 4 | 
 5 | PVOID g_KernelBase = NULL;
 6 | ULONG g_KernelSize = 0;
 7 | 
 8 | PVOID GetKernelBase(OUT PULONG ImageSize) {
 9 |     NTSTATUS Status;
10 |     if (g_KernelBase != NULL) {
11 |         if (ImageSize) {
12 |             *ImageSize = g_KernelSize;
13 |         }
14 |         return g_KernelBase;
15 |     }
16 | 
17 |     UNICODE_STRING RoutineName = RTL_CONSTANT_STRING(L"NtCreateFile");
18 |     PVOID AnchorPointer = MmGetSystemRoutineAddress(&RoutineName);
19 |     if (AnchorPointer == NULL) {
20 |         return NULL;
21 |     }
22 | 
23 |     ULONG InfoSize = 0;
24 |     ZwQuerySystemInformation(SystemModuleInformation, NULL, 0, &InfoSize);
25 |     if (InfoSize == 0) {
26 |         return NULL;
27 |     }
28 |     PRTL_PROCESS_MODULES ModuleInfo =
29 |         (PRTL_PROCESS_MODULES)ExAllocatePoolWithTag(PagedPool, InfoSize, 'sabK');
30 |     RtlZeroMemory(ModuleInfo, InfoSize);
31 | 
32 |     Status = ZwQuerySystemInformation(SystemModuleInformation, ModuleInfo, InfoSize, &InfoSize);
33 |     if (NT_SUCCESS(Status)) {
34 |         PRTL_PROCESS_MODULE_INFORMATION Module = ModuleInfo->Modules;
35 | 
36 |         for (size_t i = 0; i < ModuleInfo->NumberOfModules; i++) {
37 |             ULONG ModuleImageSize = Module[i].ImageSize;
38 |             PVOID ModuleImageBase = Module[i].ImageBase;
39 | 
40 |             if (AnchorPointer >= ModuleImageBase && (ULONG_PTR)AnchorPointer <= ((ULONG_PTR)ModuleImageBase + ModuleImageSize)) {
41 |                 g_KernelBase = ModuleImageBase;
42 |                 g_KernelSize = ModuleImageSize;
43 | 
44 |                 if (ImageSize) {
45 |                     *ImageSize = ModuleImageSize;
46 |                 }
47 |                 break;
48 |             }
49 |         }
50 |     }
51 | 
52 |     if (ModuleInfo) {
53 |         ExFreePool(ModuleInfo);
54 |     }
55 | 
56 |     return g_KernelBase;
57 | }
58 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/KernelBase.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | #include "nt_include.h"
3 | 
4 | EXTERN_C_START
5 | 
6 | PVOID GetKernelBase(OUT PULONG ImageSize);
7 | 
8 | EXTERN_C_END
9 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/apc_ex.c:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/kernel-tools/apc_ex.c


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/apc_ex.h:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/JoneyYang/BranchTrace/a4ebe12e73edc5faf7f8d2840ba7e264ea57b4f2/BranchTracerSys/kernel-tools/apc_ex.h


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/my_ntstatus.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include "nt_include.h"
 3 | 
 4 | #define FACILITY_MY 0xFFF
 5 | 
 6 | 
 7 | /*0x00  execption*/
 8 | #define STATUS_EXECPTION_PROBEREAD (NTSTATUS)0xEFFF0001;
 9 | #define STATUS_EXECPTION_PROBEWRITE (NTSTATUS)0xEFFF0002;
10 | #define STATUS_EXECPTION_PROBEREADWRITE (NTSTATUS)0xEFFF0003;
11 | 
12 | /*0x01  memory*/
13 | #define STATUS_MEMORY_ALLOCATE_UNSUCCESS (NTSTATUS)0xEFFF0101;
14 | 
15 | /*0x02  thread*/
16 | #define STATUS_THREAD_NOT_FOUND (NTSTATUS)0xEFFF0201;
17 | 
18 | /*0x03  apc*/
19 | #define STATUS_APC_INSERT_FAILED (NTSTATUS)0xEFFF0301;
20 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/nt_enums.h:
--------------------------------------------------------------------------------
  1 | #pragma once
  2 | 
  3 | 
  4 | typedef enum _KAPC_ENVIRONMENT {
  5 |     OriginalApcEnvironment,
  6 |     AttachedApcEnvironment,
  7 |     CurrentApcEnvironment,
  8 |     InsertApcEnvironment
  9 | } KAPC_ENVIRONMENT;
 10 | 
 11 | typedef enum _SYSTEM_INFORMATION_CLASS {
 12 |     SystemBasicInformation = 0x0,
 13 |     SystemProcessorInformation = 0x1,
 14 |     SystemPerformanceInformation = 0x2,
 15 |     SystemTimeOfDayInformation = 0x3,
 16 |     SystemPathInformation = 0x4,
 17 |     SystemProcessInformation = 0x5,
 18 |     SystemCallCountInformation = 0x6,
 19 |     SystemDeviceInformation = 0x7,
 20 |     SystemProcessorPerformanceInformation = 0x8,
 21 |     SystemFlagsInformation = 0x9,
 22 |     SystemCallTimeInformation = 0xa,
 23 |     SystemModuleInformation = 0xb,
 24 |     SystemLocksInformation = 0xc,
 25 |     SystemStackTraceInformation = 0xd,
 26 |     SystemPagedPoolInformation = 0xe,
 27 |     SystemNonPagedPoolInformation = 0xf,
 28 |     SystemHandleInformation = 0x10,
 29 |     SystemObjectInformation = 0x11,
 30 |     SystemPageFileInformation = 0x12,
 31 |     SystemVdmInstemulInformation = 0x13,
 32 |     SystemVdmBopInformation = 0x14,
 33 |     SystemFileCacheInformation = 0x15,
 34 |     SystemPoolTagInformation = 0x16,
 35 |     SystemInterruptInformation = 0x17,
 36 |     SystemDpcBehaviorInformation = 0x18,
 37 |     SystemFullMemoryInformation = 0x19,
 38 |     SystemLoadGdiDriverInformation = 0x1a,
 39 |     SystemUnloadGdiDriverInformation = 0x1b,
 40 |     SystemTimeAdjustmentInformation = 0x1c,
 41 |     SystemSummaryMemoryInformation = 0x1d,
 42 |     SystemMirrorMemoryInformation = 0x1e,
 43 |     SystemPerformanceTraceInformation = 0x1f,
 44 |     SystemObsolete0 = 0x20,
 45 |     SystemExceptionInformation = 0x21,
 46 |     SystemCrashDumpStateInformation = 0x22,
 47 |     SystemKernelDebuggerInformation = 0x23,
 48 |     SystemContextSwitchInformation = 0x24,
 49 |     SystemRegistryQuotaInformation = 0x25,
 50 |     SystemExtendServiceTableInformation = 0x26,
 51 |     SystemPrioritySeperation = 0x27,
 52 |     SystemVerifierAddDriverInformation = 0x28,
 53 |     SystemVerifierRemoveDriverInformation = 0x29,
 54 |     SystemProcessorIdleInformation = 0x2a,
 55 |     SystemLegacyDriverInformation = 0x2b,
 56 |     SystemCurrentTimeZoneInformation = 0x2c,
 57 |     SystemLookasideInformation = 0x2d,
 58 |     SystemTimeSlipNotification = 0x2e,
 59 |     SystemSessionCreate = 0x2f,
 60 |     SystemSessionDetach = 0x30,
 61 |     SystemSessionInformation = 0x31,
 62 |     SystemRangeStartInformation = 0x32,
 63 |     SystemVerifierInformation = 0x33,
 64 |     SystemVerifierThunkExtend = 0x34,
 65 |     SystemSessionProcessInformation = 0x35,
 66 |     SystemLoadGdiDriverInSystemSpace = 0x36,
 67 |     SystemNumaProcessorMap = 0x37,
 68 |     SystemPrefetcherInformation = 0x38,
 69 |     SystemExtendedProcessInformation = 0x39,
 70 |     SystemRecommendedSharedDataAlignment = 0x3a,
 71 |     SystemComPlusPackage = 0x3b,
 72 |     SystemNumaAvailableMemory = 0x3c,
 73 |     SystemProcessorPowerInformation = 0x3d,
 74 |     SystemEmulationBasicInformation = 0x3e,
 75 |     SystemEmulationProcessorInformation = 0x3f,
 76 |     SystemExtendedHandleInformation = 0x40,
 77 |     SystemLostDelayedWriteInformation = 0x41,
 78 |     SystemBigPoolInformation = 0x42,
 79 |     SystemSessionPoolTagInformation = 0x43,
 80 |     SystemSessionMappedViewInformation = 0x44,
 81 |     SystemHotpatchInformation = 0x45,
 82 |     SystemObjectSecurityMode = 0x46,
 83 |     SystemWatchdogTimerHandler = 0x47,
 84 |     SystemWatchdogTimerInformation = 0x48,
 85 |     SystemLogicalProcessorInformation = 0x49,
 86 |     SystemWow64SharedInformationObsolete = 0x4a,
 87 |     SystemRegisterFirmwareTableInformationHandler = 0x4b,
 88 |     SystemFirmwareTableInformation = 0x4c,
 89 |     SystemModuleInformationEx = 0x4d,
 90 |     SystemVerifierTriageInformation = 0x4e,
 91 |     SystemSuperfetchInformation = 0x4f,
 92 |     SystemMemoryListInformation = 0x50,
 93 |     SystemFileCacheInformationEx = 0x51,
 94 |     SystemThreadPriorityClientIdInformation = 0x52,
 95 |     SystemProcessorIdleCycleTimeInformation = 0x53,
 96 |     SystemVerifierCancellationInformation = 0x54,
 97 |     SystemProcessorPowerInformationEx = 0x55,
 98 |     SystemRefTraceInformation = 0x56,
 99 |     SystemSpecialPoolInformation = 0x57,
100 |     SystemProcessIdInformation = 0x58,
101 |     SystemErrorPortInformation = 0x59,
102 |     SystemBootEnvironmentInformation = 0x5a,
103 |     SystemHypervisorInformation = 0x5b,
104 |     SystemVerifierInformationEx = 0x5c,
105 |     SystemTimeZoneInformation = 0x5d,
106 |     SystemImageFileExecutionOptionsInformation = 0x5e,
107 |     SystemCoverageInformation = 0x5f,
108 |     SystemPrefetchPatchInformation = 0x60,
109 |     SystemVerifierFaultsInformation = 0x61,
110 |     SystemSystemPartitionInformation = 0x62,
111 |     SystemSystemDiskInformation = 0x63,
112 |     SystemProcessorPerformanceDistribution = 0x64,
113 |     SystemNumaProximityNodeInformation = 0x65,
114 |     SystemDynamicTimeZoneInformation = 0x66,
115 |     SystemCodeIntegrityInformation = 0x67,
116 |     SystemProcessorMicrocodeUpdateInformation = 0x68,
117 |     SystemProcessorBrandString = 0x69,
118 |     SystemVirtualAddressInformation = 0x6a,
119 |     SystemLogicalProcessorAndGroupInformation = 0x6b,
120 |     SystemProcessorCycleTimeInformation = 0x6c,
121 |     SystemStoreInformation = 0x6d,
122 |     SystemRegistryAppendString = 0x6e,
123 |     SystemAitSamplingValue = 0x6f,
124 |     SystemVhdBootInformation = 0x70,
125 |     SystemCpuQuotaInformation = 0x71,
126 |     SystemNativeBasicInformation = 0x72,
127 |     SystemErrorPortTimeouts = 0x73,
128 |     SystemLowPriorityIoInformation = 0x74,
129 |     SystemBootEntropyInformation = 0x75,
130 |     SystemVerifierCountersInformation = 0x76,
131 |     SystemPagedPoolInformationEx = 0x77,
132 |     SystemSystemPtesInformationEx = 0x78,
133 |     SystemNodeDistanceInformation = 0x79,
134 |     SystemAcpiAuditInformation = 0x7a,
135 |     SystemBasicPerformanceInformation = 0x7b,
136 |     SystemQueryPerformanceCounterInformation = 0x7c,
137 |     SystemSessionBigPoolInformation = 0x7d,
138 |     SystemBootGraphicsInformation = 0x7e,
139 |     SystemScrubPhysicalMemoryInformation = 0x7f,
140 |     SystemBadPageInformation = 0x80,
141 |     SystemProcessorProfileControlArea = 0x81,
142 |     SystemCombinePhysicalMemoryInformation = 0x82,
143 |     SystemEntropyInterruptTimingInformation = 0x83,
144 |     SystemConsoleInformation = 0x84,
145 |     SystemPlatformBinaryInformation = 0x85,
146 |     SystemThrottleNotificationInformation = 0x86,
147 |     SystemHypervisorProcessorCountInformation = 0x87,
148 |     SystemDeviceDataInformation = 0x88,
149 |     SystemDeviceDataEnumerationInformation = 0x89,
150 |     SystemMemoryTopologyInformation = 0x8a,
151 |     SystemMemoryChannelInformation = 0x8b,
152 |     SystemBootLogoInformation = 0x8c,
153 |     SystemProcessorPerformanceInformationEx = 0x8d,
154 |     SystemSpare0 = 0x8e,
155 |     SystemSecureBootPolicyInformation = 0x8f,
156 |     SystemPageFileInformationEx = 0x90,
157 |     SystemSecureBootInformation = 0x91,
158 |     SystemEntropyInterruptTimingRawInformation = 0x92,
159 |     SystemPortableWorkspaceEfiLauncherInformation = 0x93,
160 |     SystemFullProcessInformation = 0x94,
161 |     SystemKernelDebuggerInformationEx = 0x95,
162 |     SystemBootMetadataInformation = 0x96,
163 |     SystemSoftRebootInformation = 0x97,
164 |     SystemElamCertificateInformation = 0x98,
165 |     SystemOfflineDumpConfigInformation = 0x99,
166 |     SystemProcessorFeaturesInformation = 0x9a,
167 |     SystemRegistryReconciliationInformation = 0x9b,
168 |     MaxSystemInfoClass = 0x9c,
169 | } SYSTEM_INFORMATION_CLASS;
170 | 
171 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/nt_imports.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include "nt_include.h"
 3 | #include "nt_enums.h"
 4 | #include "nt_structs.h"
 5 | 
 6 | EXTERN_C_START
 7 | 
 8 | NTKERNELAPI VOID KeInitializeApc(__out PRKAPC Apc, __in PETHREAD Thread, __in KAPC_ENVIRONMENT Environment, __in PVOID KernelRoutine,
 9 |                                  __in_opt PVOID RundownRoutine, __in_opt PVOID NormalRoutine, __in_opt KPROCESSOR_MODE ProcessorMode, __in_opt PVOID NormalContext);
10 | NTSYSAPI BOOLEAN KeInsertQueueApc(__inout PRKAPC Apc, __in_opt PVOID SystemArgument1, __in_opt PVOID SystemArgument2, __in KPRIORITY Increment);
11 | NTSYSAPI BOOLEAN KeTestAlertThread(__in KPROCESSOR_MODE AlertMode);
12 | 
13 | NTSYSAPI PPEB PsGetProcessPeb(IN PEPROCESS Process);
14 | NTSYSAPI PCHAR PsGetProcessImageFileName(PEPROCESS Process);
15 | 
16 | NTSYSAPI NTSTATUS IoCreateDriver(IN PUNICODE_STRING DriverName, OPTIONAL IN PDRIVER_INITIALIZE InitializationFunction);
17 | NTSYSAPI NTSTATUS NTAPI MmCopyVirtualMemory(PEPROCESS SourceProcess, PVOID SourceAddress, PEPROCESS TargetProcess, PVOID TargetAddress, SIZE_T BufferSize, KPROCESSOR_MODE PreviousMode, PSIZE_T ReturnSize);
18 | NTSYSAPI NTSTATUS NTAPI ZwProtectVirtualMemory(__in HANDLE ProcessHandle, __inout PVOID* BaseAddress, __inout PSIZE_T RegionSize, __in ULONG NewProtect, __out PULONG OldProtect);
19 | NTSYSAPI NTSTATUS NTAPI ZwQuerySystemInformation(IN SYSTEM_INFORMATION_CLASS SystemInformationClass, OUT PVOID SystemInformation, IN ULONG SystemInformationLength, OUT PULONG ReturnLength OPTIONAL);
20 | 
21 | EXTERN_C_END
22 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/nt_include.h:
--------------------------------------------------------------------------------
1 | #pragma once
2 | 
3 | #include <ntifs.h>
4 | #include <ntddk.h>
5 | 
6 | 


--------------------------------------------------------------------------------
/BranchTracerSys/kernel-tools/nt_structs.h:
--------------------------------------------------------------------------------
 1 | #pragma once
 2 | #include "nt_include.h"
 3 | 
 4 | typedef struct _RTL_PROCESS_MODULE_INFORMATION {
 5 |     HANDLE Section;         // Not filled in
 6 |     PVOID MappedBase;
 7 |     PVOID ImageBase;
 8 |     ULONG ImageSize;
 9 |     ULONG Flags;
10 |     USHORT LoadOrderIndex;
11 |     USHORT InitOrderIndex;
12 |     USHORT LoadCount;
13 |     USHORT OffsetToFileName;
14 |     UCHAR  FullPathName[MAXIMUM_FILENAME_LENGTH];
15 | } RTL_PROCESS_MODULE_INFORMATION, * PRTL_PROCESS_MODULE_INFORMATION;
16 | 
17 | typedef struct _RTL_PROCESS_MODULES {
18 |     ULONG NumberOfModules;
19 |     RTL_PROCESS_MODULE_INFORMATION Modules[1];
20 | } RTL_PROCESS_MODULES, * PRTL_PROCESS_MODULES;
21 | 


--------------------------------------------------------------------------------
/BranchTracerSys/runsdvui.cmd:
--------------------------------------------------------------------------------
1 | cd /d "E:\Projects\windows-debugger-research\BranchTracer\BranchTracerSys" &msbuild "BranchTracerSys.vcxproj" /t:sdvViewer /p:configuration="Debug" /p:platform="x64" /p:SolutionDir="E:\Projects\windows-debugger-research" 
2 | exit %errorlevel% 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | ### BranchTrace 
 2 | 
 3 | BranchTraceSys            核心驱动程序  
 4 | BranchTraceExe              示例程序  
 5 | BranchTrace-x64plugin-wtl  x64dbg插件  
 6 | BranchTrace-x64plugin      x64dbg插件(已弃用)  
 7 | 
 8 | #### 思路
 9 | 1. 利用BTS将CPU的执行过程记录到内存中。
10 | 2. 硬件级别是没有线程这种概念的，所以需要想办法将某个线程与CPU关联。
11 | 3. 对Windows内核核心函数SwapContext挂钩，目标线程开始执行时开启BTS,目标线程被切则关闭BTS
12 | 4. 抓取到数据后，在x64dbg中实现可视化界面。
13 | 


--------------------------------------------------------------------------------