dependabot[bot] f0332d3366 Bump deps/reflect from 444d020 to a53b785
Bumps [deps/reflect](https://github.com/qlibs/reflect) from `444d020` to `a53b785`.
- [Release notes](https://github.com/qlibs/reflect/releases)
- [Commits](444d02039e...a53b785f83)

---
updated-dependencies:
- dependency-name: deps/reflect
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-21 20:53:35 +02:00

Windows User Space Emulator

A high-performance Windows process emulator that operates at the syscall level, providing full control over process execution through comprehensive hooking capabilities.

Built in C++ and powered by the Unicorn Engine.

Key Features

  • Syscall-Level Emulation: Instead of reimplementing Windows APIs, the emulator operates at the syscall level, allowing it to leverage existing system DLLs
  • Advanced Memory Management: Supports Windows-specific memory types, including reserved and committed memory, built on top of Unicorn's memory management
  • Complete PE Loading: Handles executable and DLL loading with proper memory mapping, relocations, and TLS
  • Exception Handling: Implements Windows structured exception handling (SEH) with proper exception dispatcher and unwinding support
  • Threading Support: Provides a scheduled (round-robin) threading model
  • State Management: Supports both full state serialization and fast in-memory snapshots
  • Debugging Interface: Implements GDB serial protocol for integration with common debugging tools (IDA Pro, GDB, LLDB, VS Code, ...)

Perfect for security research, malware analysis, and DRM research where fine-grained control over process execution is required.

Code Disclaimer

The project is still in a very early, prototypy state. The code still needs a lot of cleanup and many features and syscalls need to be implemented. However, constant progress is being made :)

YouTube Overview

Click here for the slides.

License

Commercial use of this project is not permitted without prior authorization.
Please contact me for inquiries about obtaining a commercial license.
