Lightemerald/windows-user-space-emulator
2
0
Fork 0
mirror of https://github.com/momo5502/emulator.git synced 2026-01-18 11:13:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
985 Commits 2 Branches 0 Tags
3836f5d381f2724584ee506ba26ef571f09ca002
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Maurice Heumann 3836f5d381 Always use release windows artifacts (#186) 
This will always use the windows release test sample artifacts. It
doesn't really make sense to test the debug artifacts. They're just
slower and do the same.

This will still run debug artifacts on windows.
The change only applies to non-windows platforms
2025-04-09 19:55:26 +02:00
.github
Always use release windows artifacts
2025-04-09 18:32:41 +02:00
cmake
revert: add back strip in ios
2025-04-09 12:28:19 -03:00
deps
Bump deps/googletest from 2ae29b5 to 52204f7
2025-04-01 17:54:04 +00:00
docs/images
Add cover image
2025-01-10 21:13:15 +01:00
src
chore: improve momo_strip_target and add unicord-emulator and windows-emulator-test
2025-04-09 11:00:04 -03:00
.clang-tidy
Fix more warnings
2025-03-18 20:58:26 +01:00
.gitignore
Initial commit
2024-08-15 19:00:01 +02:00
.gitmodules
Run tests in parallel
2025-02-03 20:27:28 +01:00
CMakeLists.txt
Support disabling rust code
2025-04-01 18:49:41 +02:00
CMakePresets.json
Initial commit
2024-08-15 19:00:01 +02:00
LICENSE
Switch to GPL as unicorn requires it
2024-10-23 19:10:13 +02:00
README.md
Redirect to wiki
2025-04-09 18:59:09 +02:00

README.md

Windows User Space Emulator

A high-performance Windows process emulator that operates at syscall level, providing full control over process execution through comprehensive hooking capabilities.

Perfect for security research, malware analysis, and DRM research where fine-grained control over process execution is required.

Built in C++ and powered by the Unicorn Engine (or the icicle-emu 🆕).

Key Features

  • 🔄 Syscall-Level Emulation
    • Instead of reimplementing Windows APIs, the emulator operates at the syscall level, allowing it to leverage existing system DLLs
  • 📝 Advanced Memory Management
    • Supports Windows-specific memory types including reserved, committed, built on top of Unicorn's memory management
  • 📦 Complete PE Loading
    • Handles executable and DLL loading with proper memory mapping, relocations, and TLS
  • Exception Handling
    • Implements Windows structured exception handling (SEH) with proper exception dispatcher and unwinding support
  • 🧵 Threading Support
    • Provides a scheduled (round-robin) threading model
  • 💾 State Management
    • Supports both full state serialization and fast in-memory snapshots (currently broken 😕)
  • 💻 Debugging Interface
    • Implements GDB serial protocol for integration with common debugging tools (IDA Pro, GDB, LLDB, VS Code, ...)

Note

The project is still in a very early, prototypical state. The code still needs a lot of cleanup and many features and syscalls need to be implemented. However, constant progress is being made :)

Preview

Preview

YouTube Overview

YouTube video

Click here for the slides.

Build & Run Instructions

Instructions on how to build & run the emulator and more can be found in the Wiki!

Description
🪅 Windows User Space Emulator
emulatorhacktoberfestreverse-engineeringwindows
Readme GPL-2.0 16 MiB
Languages
C++ 85.1%
TypeScript 9.9%
Rust 2.6%
CMake 1.5%
CSS 0.3%
Other 0.5%