Zelos is a comprehensive binary emulation platform. It (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform.
One use of it is to quickly assess the dynamic behavior of binaries via command-line or python scripts.
All syscalls are emulated to isolate the target binary. Linux x86_64 (32- and 64-bit), ARM and MIPS binaries are supported. Unicorn provides CPU emulation.
Full documentation is available here.
Installation
Use the package manager pip to install the tool.
Also Read – Sifter : A Osint, Recon & Vulnerability Scanner
pip install zelos
Basic Usage
To emulate a binary with default options:
$ zelos my_binary
To view the instructions that are being executed, add the -v flag:
$ zelos -v my_binary
You can print only the first time each instruction is executed, rather than every execution, using --fasttrace:
$ zelos -v –fasttrace my_binary
By default, syscalls are emitted on stdout. To write syscalls to a file instead, use the --strace flag:
$ zelos –strace path/to/file my_binary
Specify any command line arguments after the binary name:
$ zelos my_binary arg1 arg2
import zelos
z = zelos.Zelos(“my_binary”)
z.start(timeout=3)
Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.
Please make sure to update tests as appropriate.
First, create a new python virtual environment. This will ensure no package version conflicts arise:
$ python3 -m venv ~/.venv/zelos
$ source ~/.venv/zelos/bin/activate
Now clone the repository and change into the zelos directory:
(zelos) $ git clone git@github.com:zeropointdynamics/zelos.git
(zelos) $ cd zelos
Install an editable version of it into the virtual environment. This makes import zelos available, and any local changes to it will be effective immediately:
(zelos) $ pip install -e ‘.[dev]’
At this point, tests should pass and documentation should build:
(zelos) $ pytest
(zelos) $ cd docs
(zelos) $ make html
Built documentation is found in docs/_build/html/.
Install it to pre-commit hooks to ensure code style compliance:
(zelos) $ pre-commit install
In addition to automatically running every commit, you can run them anytime with:
(zelos) $ pre-commit run –all-files
Commands vary slightly on Windows:
C:> python3 -m venv zelos_venv
C:> zelos_venv\Scripts\activate.bat
(zelos) C:> pip install -e .[dev]
Imagine if you had a super-powered assistant who could automatically handle all the boring, repetitive…
Managing files efficiently is a core skill for anyone working in Linux, whether you're a…
Open ports act as communication endpoints between your Linux system and the outside world. Every…
Introduction In today’s cyber threat landscape, protecting endpoints such as computers, smartphones, and tablets from…
Introduction In today's fast-paced cybersecurity landscape, incident response is critical to protecting businesses from cyberattacks.…
Artificial Intelligence (AI) is changing how industries operate, automating processes, and driving new innovations. However,…