Sojobo – A Binary Analysis Framework
Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don’t need to install or compile any other external libraries (the project is self contained).
With Sojobo you can:
- Emulate a (32 bit) PE binary
- Inspect the memory of the emulated process
- Read the process state
- Display a disassembly of the executed code
- Emulate functions in a managed language (C# || F#)
Download
Using Sojobo
Sojobo is intended to be used as a framework to create program analysis utilities. However, various sample utilities were created in order to show how to use the framework in a profitable way.
Compile
In order to compile Sojobo you need .NET Core to be installed and Visual Studio. To compile just run build.bat.
0 Response for the "Sojobo - A Binary Analysis Framework"
Post a Comment