Chapter 12. PYEMU—THE SCRIPTABLE EMULATOR
PyEmu was released at BlackHat 2007[56] by Cody Pierce, one of the talented members of the
TippingPoint DVLabs team. PyEmu is a pure Python IA32 emulator that allows a developer
to use Python to drive CPU emulation tasks. Using an emulator can be very
beneficial for reverse engineering malware, when you don't necessarily
want the real malware code to execute. And it can be useful for a whole
host of other reverse engineering tasks as well. PyEmu has three methods
to enable emulation: IDAPyEmu, PyDbgPyEmu, and PEPyEmu. The IDAPyEmu class
allows you to run the emulation tasks from inside IDA Pro using IDAPython
(see Chapter 11 for IDAPython coverage). The PyDbgPyEmu class allows you to
use the emulator during ...