FeaturesCoreTrace

CoreTrace

CoreTrace is our system call capture tool that offers a quick way to understand a program's behavior.


Trace more than just a single process

CoreTrace provides dynamic analysis reverse engineering for system calls.

Use strace or ptrace

Use strace or ptrace

With Corellium, you can trace system calls using either strace, a standard command-line Linux tool, or our proprietary CoreTrace tool. strace is included in Corellium virtual devices, and it is implemented with ptrace.

Powerful system tracing

Powerful system tracing

CoreTrace is implemented with the help of CHARM™. Applications can employ anti-debugging techniques to detect and prevent ptrace-based tracing. However, these techniques cannot prevent, or even easily detect, hypervisor-based tracing.

Filter incoming data

Filter incoming data

Often you may be interested in a particular target. CoreTrace makes it easy to filter by specific processes and threads for more targeted analysis.