dumpulator
An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).
BSL-1.0 License
Bot releases are visible (Hide)
Published by github-actions[bot] almost 3 years ago
Published by github-actions[bot] almost 3 years ago
- Deterministic order for operand registers in trace
- Remove trap flag at the beginning of a trace and set gs_base
- Decode utf-16 strings properly
- Fix a bug with memory mapping addresses >= 0x80000000 on 32-bit
- Add a helper script to convert x64dbg traces to dumpulator traces
- Ignore some files and stub ZwQueryInformationToken
Full Changelog: https://github.com/mrexodia/dumpulator/compare/v0.0.4...v0.0.5
Published by mrexodia almost 3 years ago
What's Changed
- Improve the trace format to make it more human-readable (include module transitions and export labels)
Full Changelog: https://github.com/mrexodia/dumpulator/compare/v0.0.3...v0.0.4
Published by github-actions[bot] almost 3 years ago
What's Changed
- Polish README
- Initial implementation of 32-bit processes
- Move the MiniDumpPlugin to a separate repository
- Add GitHub Actions to publish to PyPI
Full Changelog: https://github.com/mrexodia/dumpulator/compare/v0.0.2...v0.0.3
Published by mrexodia almost 3 years ago
What's Changed
- Vendor the locally patched minidump library, see: https://github.com/skelsec/minidump/pull/28
Full Changelog: https://github.com/mrexodia/dumpulator/compare/v0.0.1...v0.0.2
Published by mrexodia almost 3 years ago
- Initial prototype.