scdbg - shellcode analysis application
Am Monday, 19. Mar 2012 im Topic 'Tools'
scdbg is a shellcode analysis application built around the libemu emulation library. When run it will display to the user all of the Windows API the shellcode attempts to call.
Additions include:
100+ new api hooks, 5 new dlls, interactive debug shell, rebuilt PEB, support for file format exploits, support for return address scanners, memory monitor, report mode, dump mode, easily human readable outputs, log after xx capabilities, directory mode, inline analysis of process injection shellcode and more...
The simplest command line you can use is:
scdbg -f shellcode_file.sc
Where shellcode_file.sc is the raw shellcode in binary format.
An example of working with shellcode for a file format exploit might look like:
scdbg -f shellcode.sc -fopen bad.doc_ -s -1 -i
Download
https://github.com/dzzie/VS_LIBEMU
Additions include:
100+ new api hooks, 5 new dlls, interactive debug shell, rebuilt PEB, support for file format exploits, support for return address scanners, memory monitor, report mode, dump mode, easily human readable outputs, log after xx capabilities, directory mode, inline analysis of process injection shellcode and more...
The simplest command line you can use is:
scdbg -f shellcode_file.sc
Where shellcode_file.sc is the raw shellcode in binary format.
An example of working with shellcode for a file format exploit might look like:
scdbg -f shellcode.sc -fopen bad.doc_ -s -1 -i
Download
https://github.com/dzzie/VS_LIBEMU
