Pentest Tools

Published on January 9th, 2016 📆 | 8495 Views ⚑

PyAna — Analyzing the Windows shellcode

PyAna - Analyzing the Windows shellcode..

Using Unicorn Framework for emulating shellcode. PyAna emulate a process on Windows: PEB, TIB, LDR_MODULE to create a emulative environment.

Usage

[adsense size='1']

From commandline type: PyAna.py [shellcode]
Ex: PyAna.py Samples/UrlDownloadToFile.sc

Dependencies
PyAna depends on :

Unicorn Framework & Capstone developing by Nguyen Anh Quynh.
pefile developing by Ero Carrera

Status

Implement in Python using Unicorn binding
Emulating a simple shellcode: calc, UrlDownloadToFile
Windows system structure emulator is not complete
A few of Win32 API hooking
Only support 32 bit

TODO

support PE file on Windows
support unpacking
apply on fuzzing, exploit detection.

[adsense size='2']
Download

Comments are closed.

🌟 Your Account

Username/Email Password
Remember Me
Register
🔔 Email Subscriptions

Get new posts by email
- Donate Via Wallets
  MetaMask
  
  Trust Wallet
  
  Binance Wallet
  
  WalletConnect
Popular
- New Emerging APT Threat Exploiting WinRAR Flaw by Admin November 16, 2023 Nov 16, 2023NewsroomAdvanced Persistent Threat / Zero-Day A hacking group… (8)
- CISA Has a New Road Map for Handling Weaponized AI by Admin November 15, 2023 Last month, a 120-page United States executive order laid out… (6)
- WordPress UserPro 5.1.x Password Reset /… by Admin November 22, 2023 Vulnerability Details & Technical AnalysisPassword Reset to Privilege Escalation using… (6)
- This Is the Ops Manual for the Most Tech-Savvy… by Admin November 9, 2023 In fact, in a surprising majority of cases, DxE investigators… (6)
Gloss
- Washington Times News Today on Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
- Lucas Herry on This Is the Ops Manual for the Most Tech-Savvy Animal Liberation Group in the US
- 126rt.com on Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
- robwks on Ubuntu Security Notice USN-6423-2 – Torchsec
- julidyt on ChurchCRM 4.5.4 SQL Injection – Torchsec
- julinpk on Red Hat Security Advisory 2023-5714-01 – Torchsec
- julihnu on A New Protocol Vulnerability Will Haunt the Web for Years
- irinhha on A New Protocol Vulnerability Will Haunt the Web for Years
- irintti on A New Protocol Vulnerability Will Haunt the Web for Years
- irinkum on A New Protocol Vulnerability Will Haunt the Web for Years
☕️Social Media

Torchsec

Tweets by Torch_sec
👥Members

Newest | Active | Popular
- Emory Nowacki
  
  registered 15 hours, 1 minute ago
- Mari Rede
  
  registered 15 hours, 45 minutes ago
- Biswajit Swain
  
  registered 21 hours, 17 minutes ago
- Kassie Cleveland
  
  registered 23 hours, 33 minutes ago
- Dorothea Witherspoon
  
  registered 1 day, 3 hours ago
🌍 Forum Groups

Newest | Active | Popular | Alphabetical
- General Talk
  
  active 15 hours, 1 minute ago
- Gaming
  
  active 15 hours, 1 minute ago
- Pentest Tutorials
  
  active 15 hours, 1 minute ago
- Networking
  
  active 15 hours, 1 minute ago
- Linux / Open Source
  
  active 15 hours, 1 minute ago
linktr.ee/obewyn

We share and comment on interesting infosec related news, tools and more. Follow us on RSS ,Facebook or Twitter for the latest updates. Torchsec is designed to help Auditors, Pentesters & Security Experts to keep their ethical hacking oriented toolbox up-to-date .
This website is made for educational and ethical testing purposes only。It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this website.

PyAna — Analyzing the Windows shellcode

PyAna - Analyzing the Windows shellcode..

Using Unicorn Framework for emulating shellcode. PyAna emulate a process on Windows: PEB, TIB, LDR_MODULE to create a emulative environment.

🌟 Your Account

🔔 Email Subscriptions

Get new posts by email

Donate Via Wallets

Popular

Gloss

☕️Social Media

👥Members

🌍 Forum Groups