Showcase
In our knowledge, Unicorn has been used by 123 following products (listed in no particular order).
- Qiling: Cross-platform & multi-architecture lightweight sandbox.
- udbserver: A plugin for Unicorn to provide a debug server.
- UniDOS: Microsoft DOS emulator.
- Radare2: Unix-like reverse engineering framework and commandline tools.
- Usercorn: User-space system emulator.
- Unicorn-decoder: A shellcode decoder that can dump self-modifying-code.
- Univm: A plugin for x64dbg for x86 emulation.
- PyAna: Analyzing Windows shellcode.
- GEF: GDB Enhanced Features.
- Pwndbg: A Python plugin of GDB to assist exploit development.
- Eli.Decode: Decode obfuscated shellcodes.
- IdaEmu: an IDA Pro Plugin for code emulation.
- Roper: build ROP-chain attacks on a target binary using genetic algorithms.
- Sk3wlDbg: A plugin for IDA Pro for machine code emulation.
- Angr: A framework for static & dynamic concolic (symbolic) analysis.
- Cemu: Cheap EMUlator based on Keystone and Unicorn engines.
- ROPMEMU: Analyze ROP-based exploitation.
- BroIDS_Unicorn: Plugin to detect shellcode on Bro IDS with Unicorn.
- UniAna: Analysis PE file or Shellcode (Only Windows x86).
- ARMSCGen: ARM Shellcode Generator.
- TinyAntivirus: Open source Antivirus engine designed for detecting & disinfecting polymorphic virus.
- Patchkit: A powerful binary patching toolkit.
- Arpilnik: Very simple arithmetric expression compiler for x86_64 machines.
- Shellbug: Basic command-line, text-based, shellcode debugger.
- GCTF-Challenges: An assembly based puzzle at GryphonCTF 2016.
- Sibyl: A Miasm2 based function divination.
- Kadabra: A blanked execution framework.
- Fuzzemu: Instruction emulator for the Cortex-M3 ARM.
- Simuvex: Symbolic execution engine for the VEX IR.
- VulcanoIO: Open Source Cluster IOTs for Reverse Engineering Malware.
- Nao: Dead code eliminator plugin for IDA Pro.
- Ripr: Rip out functionality from binary code to use from Python.
- Unicorn.Js: A port of the Unicorn emulator for JavaScript.
- SECCON2016 CTF: Online CTF game (Crypto 200, Lost Description).
- Pwntools: CTF framework and exploit development library.
- Indika: A blanket execution/min hash semantic hash tool for binary function identification.
- Pogom-updated: The fastest Pokémon Go map available.
- x86-64-pe-emu: AMD64 Windows PE Emulator in Python.
- cgPwn: Cyber Grand Pwnage Box.
- unitracer: Windows API tracer for malware.
- Asrepl: x86-64 assembly REPL.
- unicorn-libemu-shim: libemu shim layer and win32 environment for Unicorn Engine.
- UniversalRop: Small tool for generating ropchains using Unicorn and Z3.
- Manticore: Dynamic binary analysis tool.
- PrimeU: Emulator for the HP Prime calculator.
- JSRT: Javascript Runtime for Windows, based on Chakra.
- Cuckoo: Automated dynamic malware analysis system.
- AroeA: IDA script to extract stack strings + simple deobfuscate.
- Unico: Unicorn PE function runner.
- Pegasus: Windbg emulation plugin.
- AsmShell: Command Line Assembler Shell.
- uEmu: Tiny cute emulator plugin for IDA based on Unicorn.
- CageTheUnicorn: Debugging/emulating environment for Switch code.
- Asemu: 32-bit x86 emulator using ncurses and Capstone/Keystone/Unicorn.
- CircuitBreaker: Nintendo Switch hacking toolkit.
- ROPChain: ROPChain generator.
- AFL-Unicorn: Fuzz any piece of binary.
- rengage: Nokia N-Gage reverse engineering platform/emulator.
- openswe1r: An Open-Source port of the 1999 Game ‘Star Wars: Episode 1 Racer’.
- Syntia: Synthesizing the Semantics of Obfuscated Code.
- uDdbg: A GDB like debugger that provide a runtime env to Unicorn emulator and additionals features.
- Vita3K: PlayStation Vita emulator.
- JuniEmu: Emulator interface for ARM 32bit.
- Yuzu: Open-source emulator for the Nintendo Switch.
- Dynarmic: An ARM dynamic recompiler.
- Fygimbal: Tools for talking to the Feiyu Tech gimbal via serial.
- SlothEmu: Unicorn emulator for x64dbg.
- Dbghlpr: It provides various functions useful for debugging using Windbg.
- UniPE: A small framwork to execute PE files with UniCorn.
- Pimp my ride: Multi-architecture CPU Emulator.
- EKA2L1: Symbian OS emulator.
- Cxbx-Reloaded: Xbox (Original) Emulator.
- Vios: Experimental Playstation Vita Emulator.
- Fuzzle: A stateful fuzzing engine.
- EmuHookDetector: Hook detector using emulation and comparing static with dynamic output.
- Scanr: Detect x86 shellcode in files and traffic.
- Binja-secret: Binary Ninja plugin that encapsulate Frida, Unicorn, Capstone and Keystone.
- AndroidNativeEmu: Partly emulate an Android native library.
- Frick: The first debugger built on top of Frida.
- Emufuzz: libFuzzer + Unicorn + Capstone.
- vtMal: Malware Sandbox Emulation in Python.
- Reil: A C++ translation/emulation library for the Aarch64 instruction set to REIL.
- Cmulator: Scriptable Reverse Engineering Sandbox Emulator for shellcode or PE binaries.
- unicorn_string_deobfuscator: A Unicorn based emulator to deobfuscate Equation Group string XOR obfuscation.
- Flare IDA: IDA Pro utilities from FLARE team.
- Flare Emu: Emulator for IDA Pro.
- ish: Linux shell for iOS. Uses Unicorn as a reference for testing the custom emulator.
- Unicorn Tracer: Adds some functionalities to the Unicorn framework to ease tracing of changes in memory.
- Pad unpacker: Puzzle and Dragons binary unpacker.
- Ryujinx: Experimental Switch emulator written in C#.
- pyGDB remote: a Python GDB remote protocol implementation.
- lakebed: Emulation-based testing for Nintendo Switch reimplementations.
- Unicorn PE: Unicorn based emulator for Windows PE files.
- Triton: Dynamic Binary Analysis framework.
- Emusca: Power trace simulator for side channel analysis attack testing.
- ucui-unicorn: ncurses shellcode/instructions tester.
- Dwarf: A debugger for reverse engineers, crackers and security analyst.
- Un{i}packer: Automatic and platform-independent unpacker for Windows binaries.
- Rainbow: Easy scripting interface to emulate embedded binaries for tracing.
- Unidbg: Emulate an Android ARM32 and/or ARM64 native library.
- HDD-Firmware-Emulation: Emulating SAMSUNG HM641JI HDD firmware using Unicorn.
- xdvre: A disassembler/debugger that works based on the extension plugin.
- astro: A safe sandbox for C autograding.
- ARMStrong: A fast and simple ARM Simulator made for education.
- RopDissector: A framework for static analysis of ROP exploits and programs.
- ELMO2: ELMO2 is designed to help software engineers quickly identify side channel security risks during development stages.
- NetGuard Unpacker: Public NetGuard Deobfuscator.
- ipasim: iOS emulator for Windows.
- taintinduce: Automate the creation of taint propagation rules for unknown instruction sets.
- UnicoreFuzz: Fuzzing the Kernel Using AFL-Unicorn.
- UniTaint: PoC for a taint based attack on VMProtect.
- Lightswitch: Run Nintendo Switch homebrew and games on your Android device!
- unicorn-bios: Basic BIOS emulator for Unicorn Engine.
- uniFuzzer: A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer.
- Binee: Binary emulation environment.
- Packman deobfuscator: League-of-Legends anti-cheat code deobfuscator.
- aah: Arm64 architecture handler.
- tracecorn_tina: A modified version base on Tracecorn for unpacking.
- EFI DXE Emulator: EFI DXE Emulator and Interactive Debugger.
- ShellCodeEmulator: Windows shellcode emulator.
- Frankenstein: Broadcom and Cypress firmware emulation for fuzzing and further full-stack debugging.
- AFLplusplus: A superior fork to Google’s afl - more speed, more and better mutations, more and better instrumentation, custom module support, etc.
- vmrp: Feature phone ‘mrp’ format software simulator
Please let us know, so we can put you in the list above, if you are also using Unicorn, either:
-
for your products.
-
for your training classes.
-
for your works.