all InfoSec news
Emulation with Qiling
Malware Analysis, News and Indicators - Latest topics malware.news
Introduction
Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher level functionality such as support for dynamic library loading, syscall interception and more.
In this Labs post, we are going to look into Qiling and how it can be used to emulate a HTTP server binary from a router. The target chosen for this research was the NEXXT Polaris 150 travel router.
The firmware was unpacked with binwalk which found a root filesystem containing lots …
binary can dynamic emulation emulator forensics framework higher http http server interception introduction labs library qiling router server support syscall target unicorn