Published on May 23rd, 2019 📆 | 7676 Views ⚑0
Sojobo – A Binary Analysis Framework
Sojobo - A Binary Analysis Framework
Sojobo is an emulator for the B2R2 framework. It was created to easier the analysis of potentially malicious files. It is totally developed in .NET so you don't need to install or compile any other external libraries (the project is self contained).
With Sojobo you can:
- Emulate a (32 bit) PE binary
- Inspect the memory of the emulated process
- Read the process state
- Display a disassembly of the executed code
- Emulate functions in a managed language (C# || F#)
Sojobo is intended to be used as a framework to create program analysis utilities. However, various sample utilities were created in order to show how to use the framework in a profitable way.
In order to compile Sojobo you need .NET Core to be installed and Visual Studio. To compile just run build.bat.