Hog
Hog is an engine for full-system emulation, system introspection, and rapid state analysis. It is based on QEMU, an open-source full-system emulator.
Hog at a Glance
The core features we have added to Hog are a rapid analysis system for code segment testing and a plugin system for extending base functionality.
Plugins
On CPU Interrupt Analysis
On CPU Exception Analysis
On Syscall Analysis
On CPU Instruction Analysis
On Memory Read/Write Analysis
On Network Packet Send/Receive Analysis
External User Command Addition
Plugins can be written in Python, C, and C++.
Rapid Analysis
Configurable Analysis Start Point
Configurable Number Of Instructions Per Session
Configurable Number Of Instructions Per State Analysis
Configurable Interrupt Preempting
Plugin Hooks For Session Start, End, and Idle
Building on Hog
We use plugins and rapid analysis to add some interesting features to Hog. Here are just a few examples:
Full-system debugging with GDB-like syntax
Operating system inspection for some Linux-based operating systems
Application fuzzing loosely based on AFL
A highly configurable Qt-based user interface