Applied Emulation - Module 1 (Patreon)

Emulator Fundamentals

This is the first part in our five-part tutorial series on emulation. In this module we begin by learning how an emulator works under the hood. The module is accompanied by a live demo and a lab that builds on the concepts we discuss.

References

• Windows Stack Overview
  https://en.wikipedia.org/wiki/Windows_NT
• Unicorn Overview
  https://www.unicorn-engine.org/BHUSA2015-unicorn.pdf
• Ghidra Emulator
  https://github.com/Nalen98/GhidraEmu
• Speakeasy Emulator
  https://github.com/mandiant/speakeasy
• Binee Emulator
  https://github.com/carbonblack/binee
• Bochs Emulator
  https://bochs.sourceforge.io/VirtNoJit.pdf
• Online Disassembler
  https://disasm.pro/ 
• Capstone Disassembler
  https://www.capstone-engine.org/

Lab Setup

To complete the labs you must have a lab setup that meets the requirements listed in the Lab Setup.pdf document found in setup.zip. Download the setup.zip file, unzip, and follow the instructions in the PDF.

Lab Exercise

The lab for this module is contained in the lab1_zip file. Download lab1_zip, unzip, and run jupyter-lab from the root of the unzipped directory. Once Jupyter Labs is launched in your browser open the lab notebook and follow the instructions.