SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also contains its own custom disassembler, with many innovative features, such as being able to show the deobfuscated disassembly of an encoded shellcode, or integrating emulation data to enhance the disassembly.
Updated the wrapper for the integration to make it a little easier to handle the data. The files are being opened up and converted into json, the file is then closed, and the json object is returned. This helps to streamline the collection of data in a few less lines of code in the parser which can be handled in the Sharem package.
Updated the wrapper for the integration to make it a little easier to handle the data. The files are being opened up and converted into json, the file is then closed, and the json object is returned. This helps to streamline the collection of data in a few less lines of code in the parser which can be handled in the Sharem package.