# Rugosa
The next generation of [kordesii](https://github.com/Defense-Cyber-Crime-Center/kordesii).
This is a library (not a framework) for managing emulation and provides utilities
for interfacing with decompiled malware samples using [dragodis](https://github.com/Defense-Cyber-Crime-Center/dragodis).
Rugosa is meant to be used with an automation framework such as [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP),
but can also be used in one-off scripting.
## Install
```
pip install rugosa
```
You will also need to setup a backend disassembler by following [Dragodis's installation instructions](https://github.com/Defense-Cyber-Crime-Center/dragodis/blob/master/docs/install.rst).
## Utilities
The following utilities are included with Rugosa:
- [Emulation](./docs/CPUEmulation.md)
- [Extra Disssembly Interfaces](./rugosa/disassembly.py)
- [Regex](./docs/Regex.md)
- [Strings](./rugosa/strings.py)
- [YARA](./docs/YARA.md)
## Emulator Plugin
Rugosa includes a IDA and Ghidra plugin which provides a GUI for using the [emulation](./docs/CPUEmulation.md) utility.
For more information on how to install and use the plugin please see the [documentation](./docs/EmulatorPlugin.md).
![](docs/assets/ida_overview.png)
![](docs/assets/ghidra_overview.png)
Raw data
{
"_id": null,
"home_page": "https://github.com/Defense-Cyber-Crime-Center/rugosa",
"name": "rugosa",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.8",
"maintainer_email": "",
"keywords": "malware,ida,ghidra,emulation,strings",
"author": "DC3",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/a1/e0/bd6a75252a7362469c83441e4efbc48efb4117c6375439ae28ff491b09e0/rugosa-0.9.0.tar.gz",
"platform": null,
"description": "# Rugosa\n\nThe next generation of [kordesii](https://github.com/Defense-Cyber-Crime-Center/kordesii). \nThis is a library (not a framework) for managing emulation and provides utilities \nfor interfacing with decompiled malware samples using [dragodis](https://github.com/Defense-Cyber-Crime-Center/dragodis).\n\nRugosa is meant to be used with an automation framework such as [DC3-MWCP](https://github.com/Defense-Cyber-Crime-Center/DC3-MWCP),\nbut can also be used in one-off scripting.\n\n\n## Install\n\n```\npip install rugosa\n```\n\nYou will also need to setup a backend disassembler by following [Dragodis's installation instructions](https://github.com/Defense-Cyber-Crime-Center/dragodis/blob/master/docs/install.rst).\n\n\n## Utilities\n\nThe following utilities are included with Rugosa:\n- [Emulation](./docs/CPUEmulation.md)\n- [Extra Disssembly Interfaces](./rugosa/disassembly.py)\n- [Regex](./docs/Regex.md)\n- [Strings](./rugosa/strings.py)\n- [YARA](./docs/YARA.md)\n\n\n## Emulator Plugin\n\nRugosa includes a IDA and Ghidra plugin which provides a GUI for using the [emulation](./docs/CPUEmulation.md) utility.\nFor more information on how to install and use the plugin please see the [documentation](./docs/EmulatorPlugin.md).\n\n![](docs/assets/ida_overview.png)\n\n![](docs/assets/ghidra_overview.png)\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "The next generation of kordesii. This is a library for managing emulation and provides utilities for interfacing with decompiled malware samples using dragodis.",
"version": "0.9.0",
"project_urls": {
"Homepage": "https://github.com/Defense-Cyber-Crime-Center/rugosa"
},
"split_keywords": [
"malware",
"ida",
"ghidra",
"emulation",
"strings"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "2b9a64304bfa7743086ba56661069f4064075c13ea8300e2a6856a90f7f24bc6",
"md5": "f3dc920452549e294e36b8306c0eb960",
"sha256": "f811c88de668a661ecd67fbc6cd0770425288d9abdd6cc3c7306b52a47daaefe"
},
"downloads": -1,
"filename": "rugosa-0.9.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "f3dc920452549e294e36b8306c0eb960",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.8",
"size": 161839,
"upload_time": "2023-09-25T14:28:14",
"upload_time_iso_8601": "2023-09-25T14:28:14.727358Z",
"url": "https://files.pythonhosted.org/packages/2b/9a/64304bfa7743086ba56661069f4064075c13ea8300e2a6856a90f7f24bc6/rugosa-0.9.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "a1e0bd6a75252a7362469c83441e4efbc48efb4117c6375439ae28ff491b09e0",
"md5": "b11df7e0dd9e7dced595870e994226d4",
"sha256": "c5d72c398f0cdfc091a1cb6425e158f6782831395539f949c4d8963615c7c0a0"
},
"downloads": -1,
"filename": "rugosa-0.9.0.tar.gz",
"has_sig": false,
"md5_digest": "b11df7e0dd9e7dced595870e994226d4",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.8",
"size": 131486,
"upload_time": "2023-09-25T14:28:16",
"upload_time_iso_8601": "2023-09-25T14:28:16.161803Z",
"url": "https://files.pythonhosted.org/packages/a1/e0/bd6a75252a7362469c83441e4efbc48efb4117c6375439ae28ff491b09e0/rugosa-0.9.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-09-25 14:28:16",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "Defense-Cyber-Crime-Center",
"github_project": "rugosa",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "rugosa"
}