Skip to content

AdaLogics/pandaMalbox

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
sample_app
sample_app
 
 
README.md
README.md
 
 
download_windows.sh
download_windows.sh
 
 
vm_record.py
vm_record.py
 
 
vm_replay.py
vm_replay.py
 
 

Repository files navigation

pandaMalbox

This repo contains various scripts that can be used to work with the PANDA reverse engineering framework. The content is based on our blogpost with additional information here.

Running the scripts

# Get this repo
git clone https://github.com/AdaLogics/pandaIntro
cd pandaIntro

# Clone PANDA
git clone https://github.com/panda-re/panda
./panda/panda/scripts/install_ubuntu.sh


# Now install our stuff
download_windows.sh

At this point we need to create a snapshot that is useful for analysis. To do this, please follow the instructions here.

Then we can continue with creating a recording and replaying this recording.

# Make a recording of the sample
cd sample_app
unzip msg_app.zip
cd ..

python vm_record.py -sample sample_app/msg_app.exe

python vm_replay.py -recording sample

less panda_replay.stdout
...

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

11 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages