mirror of
https://github.com/momo5502/emulator.git
synced 2026-01-18 03:13:55 +00:00
33f5853289
Bumps [seanmiddleditch/gha-setup-ninja](https://github.com/seanmiddleditch/gha-setup-ninja) from 5 to 6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/seanmiddleditch/gha-setup-ninja/releases">seanmiddleditch/gha-setup-ninja's releases</a>.</em></p> <blockquote> <h2>v6</h2> <ul> <li>Support and default to ninja 1.12.1</li> <li>Support Windows and Linux 64-bit ARM builds of ninja <ul> <li>Added <code>winarm64</code> and <code>linux-aarch64</code> options to <code>platform</code> input</li> </ul> </li> <li>Update dependencies</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="3b1f8f94a2"><code>3b1f8f9</code></a> Bump undici from 5.28.4 to 5.28.5 (<a href="https://redirect.github.com/seanmiddleditch/gha-setup-ninja/issues/33">#33</a>)</li> <li><a href="7fa4bc09c4"><code>7fa4bc0</code></a> matrix: include: v1.12.1 on ubuntu-24.04-arm (<a href="https://redirect.github.com/seanmiddleditch/gha-setup-ninja/issues/34">#34</a>)</li> <li><a href="78f0be81b7"><code>78f0be8</code></a> Add Ninja 1.12.1 support, including improved platform detection (<a href="https://redirect.github.com/seanmiddleditch/gha-setup-ninja/issues/29">#29</a>)</li> <li><a href="d3403b5f8e"><code>d3403b5</code></a> Add Ninja v1.12.1 to the testing (<a href="https://redirect.github.com/seanmiddleditch/gha-setup-ninja/issues/32">#32</a>)</li> <li>See full diff in <a href="https://github.com/seanmiddleditch/gha-setup-ninja/compare/v5...v6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Windows User Space Emulator
A high-performance Windows process emulator that operates at syscall level, providing full control over process execution through comprehensive hooking capabilities.
Perfect for security research, malware analysis, and DRM research where fine-grained control over process execution is required.
Built in C++ and powered by the Unicorn Engine.
Key Features
- 🔄 Syscall-Level Emulation
- Instead of reimplementing Windows APIs, the emulator operates at the syscall level, allowing it to leverage existing system DLLs
- 📝 Advanced Memory Management
- Supports Windows-specific memory types including reserved, committed, built on top of Unicorn's memory management
- 📦 Complete PE Loading
- Handles executable and DLL loading with proper memory mapping, relocations, and TLS
- ⚡ Exception Handling
- Implements Windows structured exception handling (SEH) with proper exception dispatcher and unwinding support
- 🧵 Threading Support
- Provides a scheduled (round-robin) threading model
- 💾 State Management
- Supports both full state serialization and fast in-memory snapshots
- 💻 Debugging Interface
- Implements GDB serial protocol for integration with common debugging tools (IDA Pro, GDB, LLDB, VS Code, ...)
Note
The project is still in a very early, prototypy state. The code still needs a lot of cleanup and many features and syscalls need to be implemented. However, constant progress is being made :)
Preview
YouTube Overview
Click here for the slides.
Build Instructions
Prerequisites
- Windows 64-bit (click here for cross-platform status)
- CMake
- Git
Getting Started
Clone the repository with submodules:
git clone https://github.com/momo5502/emulator.git
cd emulator
git submodule update --init --recursive
Run the following commands in an x64 Development Command Prompt
Visual Studio 2022
cmake --preset=vs2022
Solution will be generated at build/vs2022/emulator.sln
Ninja
Debug build:
cmake --workflow --preset=debug
Release build:
cmake --workflow --preset=release
Dumping the Registry
The emulator needs a registry dump to run, otherwise it will print Bad hive file errors.
You can create one by running the src/tools/grab-registry.bat script as administrator.
This will create a registry folder that needs to be placed in the working directory of the emulator.
Running Tests
The project uses CTest for testing. Choose your preferred method:
Visual Studio:
- Build the
RUN_TESTStarget
Ninja:
cd build/release # or build/debug
ctest