Malcore’s Blog

Share this post

Ghidra Dynamic Emulation Plugin

blog.malcore.io

Ghidra Dynamic Emulation Plugin

Dynamic emulation through the Malcore API

David Robinson
Dec 8, 2022
Share
Share this post

Ghidra Dynamic Emulation Plugin

blog.malcore.io

Malcore Login

Malcore now supports Ghidra as we enable you to perform dynamic analysis within Ghidra without the need for a sandbox:


What does this do?

Ghidra is a reverse engineering framework developed by the NSA and released to the public. It allows users to create custom plugins and implement them into Ghidra for use. This plugin allows users a quick and efficient way to perform dynamic analysis while performing reverse engineering. It will provide you with Windows API call information, the arguments passed to the API function, and the return value of the call. It will also provide you with a post analysis report that will give an amount of potentially suspicious calls, file architecture, as well as an API hash.


Key Features:

  • Dynamic emulation of files

  • Function call coverage

  • Loaded library coverage

  • API hash


Installation:

Installation is simple and a detailed explanation can be found on the Github repository. In order to use this plugin you must have a Malcore API key. To get yours register on Malcore today.


Download Plugin

Register on Malcore

Thanks for reading Malcore’s Blog! Subscribe for free to receive new posts and support my work.

Share
Share this post

Ghidra Dynamic Emulation Plugin

blog.malcore.io
Top
New
Community

No posts

Ready for more?

© 2023 Malcore Team
Privacy ∙ Terms ∙ Collection notice
Start WritingGet the app
Substack is the home for great writing