Qiling - Advanced Binary Emulation framework

Qiling is an advanced binary emulation framework, with the following features: Cross platform: Windows, MacOS, Linux, BSD Cross architecture: X86, X86_64, Arm, Arm64, Mips Multiple file formats: PE, MachO, ELF Emulate & sandbox machine code in a isolated environment Provide high level API to setup & configure the sandbox Fine-grain instrumentation: allow hooks at various levels (instruction/basic-block/memory-access/exception/syscall/IO/etc) Allow dynamic hotpatch on-the-fly running code, including the loaded library True framework in Python, making it easy to build customized security analysis tools on top Qiling is backed by Unicorn engine. Visit our website https://www.qiling.io for more information. Qiling vs other Emulators There are many open source emulators, but two projects closest to Qiling are Unicorn & Qemu usermode. This section explains the main differences of Qiling against them. Qiling vs Unicorn engine Built on top of Unicorn, but Qiling & Unicorn are two different animals. Unicorn is just a CPU emulator, so....