windows-user-space-emulator

Lightemerald/windows-user-space-emulator

mirror of https://github.com/momo5502/emulator.git synced 2026-01-11 16:46:16 +00:00

Go to file

Maurice Heumann f19bc87753 Build(deps-dev): Bump vite from 7.2.6 to 7.3.0 in /page (#661 )

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite)
from 7.2.6 to 7.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/releases">vite's
releases</a>.</em></p>
<blockquote>
<h2>v7.3.0</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
<h2>v7.2.7</h2>
<p>Please refer to <a
href="https://github.com/vitejs/vite/blob/v7.2.7/packages/vite/CHANGELOG.md">CHANGELOG.md</a>
for details.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/vitejs/vite/blob/v7.3.0/packages/vite/CHANGELOG.md">vite's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/vitejs/vite/compare/v7.2.7...v7.3.0">7.3.0</a>
(2025-12-15)</h2>
<h3>Features</h3>
<ul>
<li><strong>deps:</strong> update esbuild from ^0.25.0 to ^0.27.0 (<a
href="https://redirect.github.com/vitejs/vite/issues/21183">#21183</a>)
(<a
href="cff26ec0fc">cff26ec</a>)</li>
</ul>
<h2><!-- raw HTML omitted --><a
href="https://github.com/vitejs/vite/compare/v7.2.6...v7.2.7">7.2.7</a>
(2025-12-08)<!-- raw HTML omitted --></h2>
<h3>Bug Fixes</h3>
<ul>
<li>plugin shortcut support (<a
href="https://redirect.github.com/vitejs/vite/issues/21211">#21211</a>)
(<a
href="721f16343d">721f163</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="acf7e05eae"><code>acf7e05</code></a>
release: v7.3.0</li>
<li><a
href="cff26ec0fc"><code>cff26ec</code></a>
feat(deps): update esbuild from ^0.25.0 to ^0.27.0 (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21183">#21183</a>)</li>
<li><a
href="317b3b272f"><code>317b3b2</code></a>
release: v7.2.7</li>
<li><a
href="721f16343d"><code>721f163</code></a>
fix: plugin shortcut support (<a
href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21211">#21211</a>)</li>
<li>See full diff in <a
href="https://github.com/vitejs/vite/commits/v7.3.0/packages/vite">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=vite&package-manager=npm_and_yarn&previous-version=7.2.6&new-version=7.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

2026-01-02 10:25:52 +01:00

.github

Build(deps): Bump egor-tensin/setup-mingw from 2 to 3 (#653 )

2026-01-02 08:57:01 +01:00

cmake

cmake: rename MOMO_BUILD_AS_LIBRARY to SOGEN_BUILD_STATIC

2025-12-02 16:24:27 -08:00

deps

Build(deps): Bump deps/flatbuffers from a577050 to 8914d06 (#648 )

2026-01-02 10:01:01 +01:00

docs/images

Add cover image

2025-01-10 21:13:15 +01:00

page

Build(deps-dev): Bump vite from 7.2.6 to 7.3.0 in /page

2026-01-02 08:55:38 +00:00

src

Build(deps): Bump deps/flatbuffers from a577050 to 8914d06 (#648 )

2026-01-02 10:01:01 +01:00

.clang-format

Force new line at EOF

2025-10-12 17:21:51 +02:00

.clang-format-ignore

Move clang format to root

2025-06-18 18:23:31 +02:00

.clang-tidy

Fix more warnings

2025-03-18 20:58:26 +01:00

.gitignore

Display emulation status

2025-07-11 13:43:21 +02:00

.gitmodules

Merge remote-tracking branch 'origin/main' into unicorn-upgrade-2

2025-08-23 10:40:48 +02:00

CMakeLists.txt

cmake: rename MOMO_BUILD_AS_LIBRARY to SOGEN_BUILD_STATIC

2025-12-02 16:24:27 -08:00

CMakePresets.json

Use RelWithDebInfo

2025-05-29 10:13:17 +02:00

LICENSE

Switch to GPL as unicorn requires it

2024-10-23 19:10:13 +02:00

README.md

Revise warning on malware analysis and isolation

2025-12-22 08:03:09 +01:00

README.md

Sogen is a high-performance Windows user space emulator that operates at syscall level, providing full control over process execution through comprehensive hooking capabilities.

Perfect for security research, malware analysis, and DRM research where fine-grained control over process execution is required.

Built in C++ and powered by the Unicorn Engine or the icicle-emu.

Try it out: sogen.dev

Warning

Caution is advised when analyzing malware in Sogen, as host isolation might not be perfect.
To mitigate potential risk, use the web version to benefit from the additional safety provided by your browser's sandbox.

Key Features

🔄 Syscall-Level Emulation
- Instead of reimplementing Windows APIs, the emulator operates at the syscall level, allowing it to leverage existing system DLLs
📝 Advanced Memory Management
- Supports Windows-specific memory types including reserved, committed, built on top of Unicorn's memory management
📦 Complete PE Loading
- Handles executable and DLL loading with proper memory mapping, relocations, and TLS
⚡ Exception Handling
- Implements Windows structured exception handling (SEH) with proper exception dispatcher and unwinding support
🧵 Threading Support
- Provides a scheduled (round-robin) threading model
💾 State Management
- Supports both full state serialization and ~~fast in-memory snapshots~~ (currently broken 😕)
💻 Debugging Interface
- Implements GDB serial protocol for integration with common debugging tools (IDA Pro, GDB, LLDB, VS Code, ...)

Preview

YouTube Overview

Click here for the slides.

Quick Start (Windows + Visual Studio)

Tip

Checkout the Wiki for more details on how to build & run the emulator on Windows, Linux, macOS, ...

1. Checkout the code:

git clone --recurse-submodules https://github.com/momo5502/sogen.git

2. Run the following command in an x64 Development Command Prompt in the cloned directory:

cmake --preset=vs2022

3. Build the solution that was generated at build/vs2022/emulator.sln

4. Create a registry dump by running the grab-registry.bat as administrator and place it in the artifacts folder next to the analyzer.exe

5. Run the program of your choice:

analyzer.exe C:\example.exe

Languages

C++ 85%

TypeScript 10%

Rust 2.7%

CMake 1.5%

CSS 0.3%

Other 0.4%