speakeasy
speakeasy copied to clipboard
mandiant
Windows kernel and user mode emulation.
First off, thanks for releasing this tool. I ran speakeasy against the Malpedia corpus (https://malpedia.caad.fkie.fraunhofer.de/) to get a rough estimate of how many samples successfully emulate with/without tossing errors. While...
# Summary When specifying a custom configuration, I have a sample that does not timeout properly. # Description To reproduce (adjust relative paths as needed) ```python3 >>> from speakeasy import...
Hey, first of all let me say a huge thank you for this awesome tool! My question: I'm trying to run two emulations in the same script: ``` se =...
winemu._hook_code() prints only: print('0x%x: %s, edi=0x%x : esi=0x%x : ebp=0x%x : eax=0x%x' % (addr, x, self.reg_read('edi'), self.reg_read('esi'), self.reg_read('ebp'), self.reg_read('eax'))) # noqa
There are some shellcodes check SizeOfImage of module in LDR_DATA_TABLE_ENTRY not zer0, otherwise shellcode exits. So please add this field (and another ones) to the config file and code. Thanks
whether it be FIFO, LIFO, etc. Speakeasy should have an intuitive order of execution for hooks when there are multiple hooks set for a given API.
Hi! I encountered problems with get proc address, looks like the emu doesn't want to write to a data section, is this a question of config? ``` | push crackme.412CE8...
The `run_speakeasy.py` argument `--params` doesn't work as intended for an example like `--params -log -path ` because `argparse` treats `-log` as `-l og`. A possible solution is to treat the...
