findLoop

findLoop uses DynamoRIO to find code blocks executed more than ITER_LIMIT times (ITER_LIMIT is defined inside the project)

Based on produced data the project generates IDA Python script, which sets breakpoints at addresses executed more than ITER_LIMIT times.

The project can be used to find possible encryption/decryption and compression/decompression code snippets.

Possible Targets:

Crackmes, malware samples, etc.

BUILD:

The project assumes that C:\\dynamorio points to the DynamoRIO folder.

DEMO: