Building Next-Gen Security Analysis Tools With Qiling Framework

Explore the Qiling Framework, a powerful sandbox emulator for building advanced security analysis tools, in this comprehensive conference talk. Dive into the internals of Qiling, including its design, implementation, binary loader, dynamic linker, and OS environment. Learn how to leverage Qiling's rich Python API to create customizable analysis tools that can run executable binaries across different platforms and architectures. Discover practical applications such as cross-platform coverage-guided fuzzers, malware sandboxes, and IoT emulation for vulnerability research. Gain insights from the official announcement of Qiling Framework version 1.0 and future development plans. Presented by KaiJern Lau, Lab Director of The ShepherdLab at JD Security, and Simone Berni, a master student focusing on binary emulation and malware evasion techniques.