Tool and Usage
| Programming languages | C++, Python |
| Latest release | No release found |
Why this tool?
PyREBox is short for Python scriptable Reverse Engineering Sandbox. It provides dynamic analysis and debugging capabilities for a running QEMU virtual machine. Its primary use is the analysis of running processes to perform reverse engineering. PyREBox can modify parts of the running system by changing data in memory or within processor registers.
How it works
The analysis within the virtual machine can be influenced by using Python scripts to automate tasks. With the help of Virtual Machine Introspection (VMI) based on Volatility, information from the guest can be retrieved without changes to the guest itself.
Usage and audience
PyREBox is commonly used for binary analysis, malware analysis, or reverse engineering. Target users for this tool are developers, forensic specialists, malware analysts, and security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Supported operating systems
PyREBox is known to work on Linux.
Several dependencies are required to use PyREBox.
Similar tools to PyREBox:
Cutter is a graphical user interface for radare2, the well-known reverse engineering framework.
LIEF is a library to analyze executable formats like ELF, MachO, and PE. It can be used during reverse engineering, binary analysis, and malware research.
Radare2 is a tool to perform reverse engineering on files of all types. It can be used to analyze malware, firmware, or any other type of binary files.