angr (>=9.0.4446 <=9.2.25), angr-management (>=9.0.4446 <=9.2.25) +13 more potentially affected by CVE-2021-44078 via unicorn (>=1.0.2 <=1.0.3)
unicorn PYPI version =1.0.2, =9.0.4446, =9.0.4446, =9.0.4446, =0.4.0, =4.1.1, =1.2.1, =0.0.3, =1.1.0, =1.4.4, =0.0.0, =0.1.0 Source cves: CVE-2021-44078 Source advisory: OSV:PYSEC-2021-868...
Speakeasy - Windows Kernel And User Mode Emulation
Speakeasy is a portable, modular, binary emulator designed to emulate Windows kernel and user mode malware. Check out the overview in the first Speakeasy blog post. Instead of attempting to perform dynamic analysis using an entire virtualized operating system, Speakeasy will emulate specific...
REW-sploit - Emulate And Dissect MSF And *Other* Attacks
REW-sploit: The tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.htmlrew-sploit-dissecting-metasploit-attacks-24086 Slides of the presentation are available at https://github.com/REW-sploit/REW-sploitdocs Need help in analyzing Windows shellco...
Emulation of Kernel Mode Rootkits With Speakeasy
In August 2020, we released a blog post about how the Speakeasy emulation framework can be used to emulate user mode malware such as shellcode. If you haven’t had a chance, give the post a read today. In addition to user mode emulation, Speakeasy also supports emulation of kernel mode Windows...
Using Speakeasy Emulation Framework Programmatically to Unpack Malware
Andrew Davis recently announced the public release of his new Windows emulation framework named Speakeasy. While the introductory blog post focused on using Speakeasy as an automated malware sandbox of sorts, this entry will highlight another powerful use of the framework: automated malware...
Emulation of Malicious Shellcode With Speakeasy
In order to enable emulation of malware samples at scale, we have developed the Speakeasy emulation framework. Speakeasy aims to make it as easy as possible for users who are not malware analysts to acquire triage reports in an automated way, as well as enabling reverse engineers to write custom...
SpeakEasy German LT Phrasebook - WebView JavaScript enabled, WebView files access vulnerabilities
HackApp vulnerability scanner discovered that application SpeakEasy German LT Phrasebook published at the 'play' market has multiple vulnerabilities...