Zelos is a comprehensive binary emulation platform. It (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform.
One use of it is to quickly assess the dynamic behavior of binaries via command-line or python scripts.
All syscalls are emulated to isolate the target binary. Linux x86_64 (32- and 64-bit), ARM and MIPS binaries are supported. Unicorn provides CPU emulation.
Full documentation is available here.
Installation
Use the package manager pip to install the tool.
Also Read – Sifter : A Osint, Recon & Vulnerability Scanner
pip install zelos
Basic Usage
To emulate a binary with default options:
$ zelos my_binary
To view the instructions that are being executed, add the -v flag:
$ zelos -v my_binary
You can print only the first time each instruction is executed, rather than every execution, using --fasttrace:
$ zelos -v –fasttrace my_binary
By default, syscalls are emitted on stdout. To write syscalls to a file instead, use the --strace flag:
$ zelos –strace path/to/file my_binary
Specify any command line arguments after the binary name:
$ zelos my_binary arg1 arg2
import zelos
z = zelos.Zelos(“my_binary”)
z.start(timeout=3)
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.
First, create a new python virtual environment. This will ensure no package version conflicts arise:
$ python3 -m venv ~/.venv/zelos
$ source ~/.venv/zelos/bin/activate
Now clone the repository and change into the zelos directory:
(zelos) $ git clone git@github.com:zeropointdynamics/zelos.git
(zelos) $ cd zelos
Install an editable version of it into the virtual environment. This makes import zelos available, and any local changes to it will be effective immediately:
(zelos) $ pip install -e ‘.[dev]’
At this point, tests should pass and documentation should build:
(zelos) $ pytest
(zelos) $ cd docs
(zelos) $ make html
Built documentation is found in docs/_build/html/.
Install it to pre-commit hooks to ensure code style compliance:
(zelos) $ pre-commit install
In addition to automatically running every commit, you can run them anytime with:
(zelos) $ pre-commit run –all-files
Commands vary slightly on Windows:
C:> python3 -m venv zelos_venv
C:> zelos_venv\Scripts\activate.bat
(zelos) C:> pip install -e .[dev]
Cybersecurity tools play a critical role in safeguarding digital assets, systems, and networks from malicious…
MODeflattener is a specialized tool designed to reverse OLLVM's control flow flattening obfuscation through static…
"My Awesome List" is a curated collection of tools, libraries, and resources spanning various domains…
CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, allowed attackers to execute arbitrary…
The blog post "Chrome Browser Exploitation, Part 1: Introduction to V8 and JavaScript Internals" provides…
The exploitation of CVE-2018-17463, a type confusion vulnerability in Chrome’s V8 JavaScript engine, relies on…