e62a14dafc
Generate interlinked wiki from master inventory: 397 tool pages, 15 workflow pages, 27 recipe pages, 33 category pages, plus index. All pages use [[wiki-links]] for cross-navigation between tools, workflows, recipes, and categories (1782 links total). Install zk for interactive browsing with fzf search, tag filtering, and backlink discovery. Add 'fhelp wiki' command and Makefile target. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1.3 KiB
speakeasy
Windows binary emulator — emulates API calls to analyze malware behavior without native execution
Category: categories/statically-analyze-code-pe-files | Tier: Rich (FOR610) | Docs: https://docs.remnux.org/discover-the-tools/statically+analyze+code/pe-files
Usage
speakeasy -t specimen.exe -o report.json 2> report.txt
speakeasy -t shellcode.bin -r -a x86
Recipes
Workflows
- workflows/behavioral-analysis-workflow — Step 4: Emulation (Safe Alternative)
- workflows/unpacking-workflow — Step 3: Emulation-Based Unpacking
- workflows/shellcode-analysis-workflow — Step 3: Emulation
Related Tools
- tools/binee-binary-emulation-environment — Analyze I/O operations of a suspicious PE file by emulating
- tools/capa — Identify malware capabilities mapped to MITRE ATT&CK framewo
- tools/mbcscan — Scan a PE file to list the associated Malware Behavior Catal
FOR610
Labs: 1.4 | Sections: 1
#emulation #api-calls #behavioral-analysis