4

I recently saw funcap, a plugin that captures function calls made by a binary using IDA's debugging API.

I have set up IDA on my host machine. My VMs aren't fast enough to run IDA in them. How do you run a plugin like this without the risk of malware executing on your host machine?

1 Answer

6

IDA supports remote debugging; see this guide on how to configure it: https://www.hex-rays.com/products/ida/support/freefiles/remotedbg.pdf. I don't know if funcap works with remote debugging, but the author mentions using it in WinDbg mode for kernel debugging, so I guess it should.

ekse