Qiling is an advanced binary emulation framework, with the following features:
- Cross platform: Windows, MacOS, Linux, BSD, UEFI, DOS
- Cross architecture: X86, X86_64, Arm, Arm64, MIPS, 8086
- Multiple file formats: PE, MachO, ELF, COM
- Support Linux Kernel Module(.ko) , Windows Driver(.sys) and MacOS Kernel(.kext) via Demigod
- Emulates & sandbox machine code in an isolated environment
- Supports cross architecture and platform debugging capabalities
- Provides high level API to setup & configure the sandbox
- Fine-grain instrumentation: allows hooks at various levels (instruction/basic-block/memory-access/exception/syscall/IO/etc)
- Allows dynamic hotpatch on-the-fly running code, including the loaded library
- True framework in Python, making it easy to build customized security analysis tools on top
Qiling is backed by Unicorn engine.
Visit our website https://www.qiling.io for more information.
This project is released and distributed under free software license GPLv2.
- LAU kaijern (xwings) firstname.lastname@example.org
- NGUYEN Anh Quynh email@example.com
- DING tianZe (D1iv3) firstname.lastname@example.org
- SUN bowen (w1tcher) email@example.com
- CHEN huitao (null) firstname.lastname@example.org
- YU tong (sp1ke) email@example.com
- Earl Marcus (klks84) firstname.lastname@example.org
Travis-CI, Docker, Website and Documentation
- FOO Kevin (chfl4gs) email@example.com