The next generation of kordesii. This is a library (not a framework) for managing emulation and provides utilities for interfacing with decompiled malware samples using dragodis.
Rugosa is meant to be used with an automation framework such as DC3-MWCP, but can also be used in one-off scripting.
pip install rugosa
You will also need to setup a backend disassembler by following Dragodis's installation instructions.
The following utilities are included with Rugosa:
Rugosa includes a IDA and Ghidra plugin which provides a GUI for using the emulation utility. For more information on how to install and use the plugin please see the documentation.
