PyEmu: A Multi-Purpose Scriptable x86 Emulator, presented at Black Hat USA 2007

by Cody Pierce

Tags: Security Analysis Malware Development

Summary: Processor emulation has been around for
as long as the processor it emulates. However, emulators have been
difficult to use and notoriously lacking in flexibility or
extensibility. In this presentation I address these issues and provide a
solution in the form of a scriptable multi-purpose x86 emulator written
in Python. The concept was to allow a security researcher the ability
to quickly integrate an emulator into their workflow and custom tools.
Python was chosen as the development language for multiple reasons,
mainly to leverage the benefits of existing Python libraries such as
PaiMei/PyDbg and IDAPython. With obvious uses in reverse engineering,
vulnerability research, and malware analysis, PyEmu is a very valuable
addition to any security researcher's repertoire.