How to use the vivisect.impemu.monitor.EmulationMonitor function in vivisect
To help you get started, we’ve selected a few vivisect examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
fireeye / flare-ida / python / flare / argtracker.py View on Github 
import idaapi
import idautils
import jayutils
import vivisect
import vivisect.impemu as viv_imp
import vivisect.impemu.monitor as viv_imp_monitor
from visgraph import pathcore as vg_path
########################################################################
#
#
########################################################################
class RegMonitor(viv_imp_monitor.EmulationMonitor):
'''
This tracks all register changes, even if it's not currently an interesting reg
because we need to trace register changes backwards.
'''
def __init__(self, regs):
viv_imp_monitor.EmulationMonitor.__init__(self)
self.logger = jayutils.getLogger('argracker.RegMonitor')
self.regs = regs[:]
self.reg_map = {}
def prehook(self, emu, op, starteip):
try:
#self.logger.debug('prehook: 0x%08x', starteip)
self.cachedRegs = emu.getRegisters()
self.startEip = starteipvivisect
Pure python disassembler, debugger, emulator, and static analysis framework
Package Health Score
80 / 100Popular vivisect functions
- vivisect.const
- vivisect.const.EXP_FUNCTION
- vivisect.const.EXP_UNTYPED
- vivisect.const.L_SIZE
- vivisect.const.L_VA
- vivisect.const.LOC_IMPORT
- vivisect.const.LOC_OP
- vivisect.const.LOC_STRING
- vivisect.const.LOC_UNI
- vivisect.const.REF_CODE
- vivisect.const.VASET_ADDRESS
- vivisect.const.VASET_INTEGER
- vivisect.impemu
- vivisect.impemu.monitor.EmulationMonitor
- vivisect.impemu.monitor.EmulationMonitor.__init__
- vivisect.parsers.pe
- vivisect.VivWorkspace