[Savannah-register-public] [task #5774] Submission of penalyze2 PE execu
From: Stephan Peijnik
Subject: [Savannah-register-public] [task #5774] Submission of penalyze2 PE executable analyzer
Date: Thu, 3 Aug 2006 14:26:11 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.5) Gecko/20060626 Firefox/1.5.0.5 (Debian-1.5.dfsg+1.5.0.5-1)
URL:
<http://savannah.nongnu.org/task/?func=detailitem&item_id=5774>
Summary: Submission of penalyze2 PE executable analyzer
Project: Savannah Administration
Submitted by: speijnik
Submitted on: Thursday 08/03/2006 at 14:26
Should Start On: Thursday 08/03/2006 at 00:00
Should be Finished on: Sunday 08/13/2006 at 00:00
Category: Project Approval
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Percent Complete: 0%
Open/Closed: Open
Effort: 0.00
_______________________________________________________
Details:
A new project has been registered at Savannah.
The project account will remain inactive until a site admin approves or
discards the registration.
######### REGISTRATION ADMINISTRATION #########
While this item will be useful to track the registration process, approving
or discarding the registration must be done using the specific "Group
Administration" page, accessible only to site administrators, effectively
logged as site administrators (superuser):
<https://savannah.nongnu.org/siteadmin/groupedit.php?group_id=8704>
######### REGISTRATION DETAILS #########
Full Name:
----------
penalyze2 PE executable analyzer
System Group Name:
-----------------
penalyze2
Type:
-----
non-GNU software & documentation
License:
--------
GNU General Public License V2 or later
Description:
------------
penalyze2 is a PE (win32) executable analyzer that uses emulation
techniques for analyzation. The goal of this software package is to provide a
free (as in freedom) utility that helps malware researchers doing their daily
work. Even though it includes disassembling the x86 bytecode it is not a
conventional disassembler as it emulates everything whilst disassembling.
This makes sure runtime packers can be easily circumvented. Apart from using
a public domain x86 decoder library it implements instruction handlers which
emulate an x86 processor and of course also emulates as many common library
calls as possible. However, it is not only intended to be an implementation
but more a way to get to some knowledge freely (as in free beer). It is
planned to also include documentation on pretty much anything it does.
The main parts of the package are: an x86 virtual machine/emulator, the x86
bytecode decoder library and a PE executable file loader. Additionally a
debugger-like CLI interface is planned to enable users to do debugging on
executables.
It has been tested on GNU/Linux on x86 only right now but has been designed
to be platform independent. Releases including support for other free and
non-free operating systems as host are planned as well.
The current development sources are available via trac/svn from
https://trac.sp.or.at/trac/penalyze2. However, the current hosting is quite
limited in bandwidth and performance.
As a last note, the x86 decoder library being used is libdasm available from
http://nologin.org/. As public domain software it is however included in the
software package directly and linked against statically.
_______________________________________________________
Reply to this item at:
<http://savannah.nongnu.org/task/?func=detailitem&item_id=5774>
_______________________________________________
Message sent via/by Savannah
http://savannah.nongnu.org/