Zelos - A comprehensive binary emulation platform

Mar 16, 2020

Zelos (Zeropoint Emulated Lightweight Operating System) is a python-based binary emulation platform. One use of zelos is to quickly assess the dynamic behavior of binaries via command-line or python scripts. All syscalls are emulated to isolate the target binary. Linux x86_64 (32- and 64-bit), ARM and MIPS binaries are supported. Unicorn provides CPU emulation.

Full documentation is available here.

Installation

Use the package manager pip to install zelos.

pip install zelos

Basic Usage

Command-line

To emulate a binary with default options:

$ zelos my_binary

To view the instructions that are being executed, add the -v flag:

$ zelos -v my_binary

You can print only the first time each instruction is executed, rather than every execution, using --fasttrace:

$ zelos -v --fasttrace my_binary

By default, syscalls are emitted on stdout. To write syscalls to a file instead, use the --strace flag:

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques - defensive and offensive. This knowledge will help you understand how most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals and universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023