libemu
Beta release of libemu qemu extension
Tue, 08/30/2011 - 20:25 — florian.schmittAs part of this year’s Summer of Code, I programmed an extension for the shellcode detection and analysis library libemu. The main goal of the project was to increase the performance when executing shellcode, with the help of a virtualizer. Prior to this extension, libemu made use of a custom emulator, which supported only instructions mostly used in shellcode. With this extension, libemu utilizes a full-blown, completely functioning virtualizer, which executes code presumably the same way a real CPU does.
What's new on PHoneyC (4): Try it out!
Mon, 08/10/2009 - 19:19 — zhijie.chenHi all:
I have finished almost all the coding stuff of Project #1, now you can try out the new PHoneyC with shellcode/heapspray detection here:
http://code.google.com/p/phoneyc/source/browse/phoneyc#phoneyc/branches/phoneyc-honeyjs
Please feel free to report any bug or suggestion on shellcode/heapspray detection to me.
What's new on phoneyc (3)--- Mid-term Evaluation
Sun, 07/05/2009 - 17:41 — zhijie.chen
Mid-term Report on PHoneyC GSoC project 1
| Info: | See <https://www.honeynet.org/gsoc/project1> for project details. |
|---|---|
| Author: | Zhijie Chen (Joyan) <czj.pub@gmail.com> |
| Mentor: | Jose Nazario |
| Description: | Mid-term Report on PHoneyC GSoC project 1. This report describes what I have done on the PHoneyC's libemu integration for shellcode and heapspray detection during the first half of the GSoC. Till now, the main ideas on this feature has been fast-implemented (actually I mean poor coding style) and the whole flow works well, with some code rewriting and performance optimization needed in the future. |
We are a 501c3 non-profit, all volunteer organization. Consider donating to support our forensic challenges, tools development, and research.