Microsoft

Shellcode Analysis via MSEC Debugger Extensions

In a previous post we provided some background on the !exploitable Crash Analyzer which was released earlier this year. One of the things that we didn’t mention is that !exploitable is just one of the ...
GitHub

sharem-blue-shellcode-analysis-disassembler-dfir-framework

SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also contains its own custom disassembler, with many innovative features, ...
GitHub

Metasploit Shellcode Analysis (shell_bind_tcp)

Initial analysis of payload with libemu: Using libemu to discover what is the task of the shellcode. The following command will provide a very verbose trace of execution, the output from which will be ...