PyREBox

PyREBox is a Python-scriptable reverse engineering sandbox. It is based on QEMU, and its goal is to aid reverse engineering by providing dynamic analysis and debugging capabilities from a different perspective. PyREBox lets you inspect a running QEMU VM, modify its memory or registers, and instrument its execution by writing simple Python scripts that automate any kind of analysis. It also offers a shell based on IPython that exposes a rich set of commands, as well as a Python API.

PyREBox is currently under development and does not yet support every architecture and operating system. This support will be extended in the future. We believe this framework can be valuable for the community, and we invite researchers to contribute new scripts that can unleash the full potential of PyREBox.

Note: This tool is not officially supported and the user assumes all liability for the use of this tool.