tracesc command to execute runsc within Wine in a way that traces the execution of shellcode. WARNING! This wrapper will actually execute the shellcode on the system, which might lead to your system becoming infected. Only use this wrapper in a properly configured, isolated laboratory environment, which you can return to a pristine state at the end of your analysis.
State File: remnux.packages.runsc
speakeasy, emu_exe.py, and emu_dll.py commands.
State File: remnux.python3-packages.speakeasy
qltool to analyze artifacts. Before analyzing Windows artifacts, gather Windows DLLs and other components using the dllscollector.bat script. Read the tool's documentation to get started.
State File: remnux.python3-packages.qiling