
Intel Pin: Attaching to an existing process using the Pin API


I'm doing a bit of research on Intel Pin. I'm looking to see if there is a way of attaching a Pin tool to an existing process using the Pin API.

I can see there is a way of running the pin executable on an already running process using pin.exe -pid <process_id> but I can't see anything in the pin documentation.

EDIT: As per a previous comment, I'm updating the question with an example.

The problem I'm trying to solve is instrumenting an injected process (this is for malware analysis).

If the process/binary I'm instrumenting creates a child process then pin can seamlessly attach itself to said child process. Wonderful!

If, however, the binary process/binary I'm instrumenting injects into another process (i.e. OpenProcess > VirtualAllocEx > WriteProcessMemory > CreateRemoteThread) then Pin will NOT attach to the injected process. I need to be able to tell pin to attach dynamically at runtime.


Solution

  • You'll have to implement something like that yourself - instrument the system calls and if you see an injection pattern, attach pin to the process.
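
The pattern matching the answer describes, as an added example that is not part of the original post or of Pin itself: a tracker that follows each process handle through the exact OpenProcess > VirtualAllocEx > WriteProcessMemory > CreateRemoteThread sequence from the question and returns the target PID once it completes. The Call struct, the trace and all names are constructed for illustration; in a real tool the events would be fed from instrumented API or system calls, and the returned PID is what you would pass on to pin.exe -pid.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <vector>

enum class Api { OpenProcess, VirtualAllocEx, WriteProcessMemory, CreateRemoteThread, CloseHandle };
// One observed call (hypothetical record); pid is only set for OpenProcess.
struct Call { Api api; uint64_t handle; uint32_t pid; };

class InjectionTracker {
    struct State { uint32_t pid; int stage; };  // 1=opened 2=allocated 3=written 4=reported
    std::map<uint64_t, State> by_handle_;
public:
    // Returns the target PID when this call completes the pattern, otherwise 0.
    uint32_t observe(const Call& c) {
        if (c.api == Api::OpenProcess) { by_handle_[c.handle] = State{c.pid, 1}; return 0; }
        auto it = by_handle_.find(c.handle);
        if (it == by_handle_.end()) return 0;   // handle we never saw opened
        State& s = it->second;
        switch (c.api) {
        case Api::VirtualAllocEx:     if (s.stage == 1) s.stage = 2; break;
        case Api::WriteProcessMemory: if (s.stage == 2) s.stage = 3; break;
        case Api::CreateRemoteThread: if (s.stage == 3) { s.stage = 4; return s.pid; } break;
        case Api::CloseHandle:        by_handle_.erase(it); break;  // handle may be reused later
        default: break;
        }
        return 0;
    }
};

// Feeds a whole trace through the tracker and collects the PIDs to attach to.
std::vector<uint32_t> pids_to_attach(const std::vector<Call>& trace) {
    InjectionTracker t;
    std::vector<uint32_t> out;
    for (const Call& c : trace)
        if (uint32_t pid = t.observe(c)) out.push_back(pid);
    return out;
}

// Constructed trace: handle 0x64 -> PID 4242 (full pattern), 0x68 -> PID 1111 (closed early).
std::vector<Call> sample_trace() {
    return { {Api::OpenProcess, 0x64, 4242}, {Api::OpenProcess, 0x68, 1111},
             {Api::VirtualAllocEx, 0x64, 0}, {Api::VirtualAllocEx, 0x68, 0},
             {Api::WriteProcessMemory, 0x64, 0}, {Api::WriteProcessMemory, 0x64, 0},
             {Api::CloseHandle, 0x68, 0}, {Api::CreateRemoteThread, 0x68, 0},
             {Api::CreateRemoteThread, 0x64, 0} };
}

int main() {
    for (uint32_t pid : pids_to_attach(sample_trace())) std::printf("attach to PID %u\n", pid);
}
```

Calling observe() on entry to CreateRemoteThread, before the call executes, gives the tool a chance to attach before the injected thread starts running.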