Sojobo - A Binary Analysis Framework
Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don't need to install or compile any other external libraries (the project is self contained).
With Sojobo you can:
- Emulate a (32 bit) PE binary
- Inspect the memory of the emulated process
- Read the process state
- Display a disassembly of the executed code
- Emulate functions in a managed language (C# || F#)
Post a Comment
Note: only a member of this blog may post a comment.