yet another python module around ptrace()
I wrote this module because I was tired of the module available in subterfugue : this module is not maintained anymore and it lacks several features. Why not submit a patch ? Mainly because ptracemodule is a C wrapper and I don't want to waste my time resolving unmet build dependencies or tools, etc.
Furthermore, it's a simple wrapper Python to C : it's really not written with OOP paradigms in mind and there is no abstraction layer. That was my main problem because I wanted to use the ptrace interface without using the ptrace() syscall. Sounds silly?
Not really, think about emulating ptrace for hostile binaries/crackmes for instance! Thus PtraceCore module is not tied to ptrace(): you can use the utrace*() interface, Solaris /proc debugging stuff, or even the Microsoft Windows mechanisms.
The goal of the module is to be fast to deploy, just drop the ptrace.py into the working directory and just enjoy! No need to compile anything if you want.
This module uses intensively the Ctypes module to use the ptrace() syscall available in the Libc.
This module has only be tested on Linux 2.6. It should be quite easy to port the interface on other plateforms. You just have to implement three functions, see the PtraceCoreCtypes class for instance.
There are now a few similar projects which are a lot more complete: