speakeasy¶

Category: Malware Analysis

Homepage: https://github.com/mandiant/speakeasy

Vendor: Mandiant

License: MIT License

Source: Python

Profiles: Full, Basic

File Extensions: .exe, .dll, .sys, .bin

Tags: malware-analysis, emulation, shellcode, reverse-engineering, windows

Windows malware emulation framework that executes binaries, drivers, and shellcode in a modeled Windows runtime without a full VM. Produces structured JSON reports.

Tips¶

Docs are available in C:\git\speakeasy\docs, and the source code is in C:\git\speakeasy.