CoreTrace is our system call capture tool that offers a quick way to understand a program's behavior.
CoreTrace provides dynamic analysis reverse engineering for system calls.
With Corellium, you can trace system calls using either strace, a standard command-line Linux tool, or our proprietary CoreTrace tool. strace is included in Corellium virtual devices, and it is implemented with ptrace.
CoreTrace is implemented with the help of CHARM™. Applications can employ anti-debugging techniques to detect and prevent ptrace-based tracing. However, these techniques cannot prevent, or even easily detect, hypervisor-based tracing.
Often you may be interested in a particular target. CoreTrace makes it easy to filter by specific processes and threads for more targeted analysis.