.I want to introduce a new application named Pokas Emulator
Pokas x86 Emulator is an Application-Only emulator created for generic unpacking and testing the antivirus detection algorithms.
it emulates the PE Executable Files 32-bits versions and monitor all memory writes and include many features . some of them are:
1. Has an assembler and a disassembler from and to mnemonics.
2. Support adding new APIs and adding the emulation function to them.
3. Support a very powerful debugger that has a parser that parses the condition you give and create a very fast native code that perform the check on this condition.
4. Support seh and support tib, teb, peb and peb_ldr_data.
5. It monitors all the memory writes and log up to 10 previous Eips and saves the last accessed and the last modified place in memory.
6. it support 6 APIs:GetModuleHandleA, LoadLibrayA, GetProcAddress, VirtualAlloc, VirtualFree and VirtualProtect.
7. With all of these it's FREE and open source.
It successfully emulates:
1. UPX
2. FSG
3. MEW
4. Aspack
5. PECompact
6. Morphine
But it does contain bugs and it still in the beta version. It surely will be fixed soon ith the help of your feedback.
It still doesn't support multithreading and doesn't support Linux ELF executables.
It's still working only on windows but the Linux version will be available soon.
you can download it from http://sourceforge.net/projects/x86emu/
AmrThabet
amr.thabet_*at*_student.alx.edu.eg
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}