panda
Platform for Architecture-Neutral Dynamic Analysis (by panda-re)
swtpm
Libtpms-based TPM emulator with socket, character device, and Linux CUSE interface. (by stefanberger)
| | panda | swtpm |
|---|---|---|
| Mentions | 7 | 14 |
| Stars | 2,419 | 527 |
| Growth | 1.0% | - |
| Activity | 9.3 | 7.6 |
| Last commit | 9 days ago | 3 days ago |
| Language | C | C |
| License | GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
panda
Posts with mentions or reviews of panda.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-06-09.
- Platform for Architecture-Neutral Dynamic Analysis (Panda)
- Cannoli: The Fast QEMU Tracer
  It's great to see new projects in this space! I wonder if you have compared Cannoli to panda [0]. If so, what was the outcome - especially regarding the performance?
  [0] https://github.com/panda-re/panda
- Detecting vulnerabilities in IoT devices
- Easy Hypervisor Heap Visualization with PyPANDA and HeapInspect
  The basis for doing this from the hypervisor is Operating System Introspection (OSI). PANDA supports Windows OSI (https://github.com/panda-re/panda/tree/dev/panda/plugins/wintrospection) so I'd imagine similar techniques could be applied.
- Using QEMU-user emulation to reverse engineer binaries
  Another helpful option if you're trying to get traces out is `-d nochain`, which turns off translation block chaining (chaining inserts a direct jump from one block to the next, which can cause logging statements to be skipped).
  Also, if anyone is interested in using QEMU for whole system reverse engineering, allow me to shill PANDA, which adds a plugin API, record/replay, and a nice Python interface for all of this:
  https://panda.re/
- Cuckoo Sandbox with Docker
  I've had difficulty getting it working in the past. Dunno if capev2 or panda.re have docker options (panda.re is qemu based so I doubt they do, possibly capev2)
- PyPANDA: Generic unpacking based on whole-system record and replay with Ghidra integration. Including interview with author of paper and tool Luke Craig.
  Operating System Introspection (Windows and Linux)
swtpm
Posts with mentions or reviews of swtpm.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-04-16.
- Is it possible to run a Windows 11 Virtual Machine on Linux?
  Or you can just add a virtual tpm device in virt-manager while setting up the vm using swtpm. It seems to have packages on most major distros.
- Creating a Qemu Windows 10 VM on Linux
  If you want Windows 11 instead for whatever reason, swtpm can emulate a TPM chip for QEMU to use.
- Work Revived On Parallel CPU Bring-Up To Boot Linux Faster On Large Systems/Servers
  You can find the source of software TPM implementations which abide by the official spec such as: https://github.com/stefanberger/swtpm but that has no real bearing on the TPM used on real hardware
- Windows 11's current .iso file not working on qemu.
  I install swtpm and in virt-manager add a TPM 2.0 emulated device and set the secure boot image before I install. This seems to work well enough.
- Ryzen 7 [email protected], 32 GB RAM... I'm officially ditching Windows
  I don't know either, but apparently Microsoft didn't guarantee that 'unsupported' systems would continue to receive system updates. I just use a QEMU VM and swtpm.
- "vPub v5" opensource online Party! - this Thursday at 4 PM UTC
  swtpm - a software Trusted Platform Module emulator and the ways of using it;
- Fedora considers deprecating legacy BIOS
  Seems there are two such projects for that:
  https://github.com/stefanberger/swtpm
- TPM using qemu?
  This should work: https://github.com/stefanberger/swtpm/wiki
- Tpm simulator?
  Linux has several TPM emulators. This one is probably the most popular. But here's another for TPM 1.2 only. The main use-case is to emulate TPMs for use with Virtual Machine guests.
- swtpm-localca exit with status 256:
  Other GitHub posts from previous versions seem to have the issue described here but maybe I missed something, https://github.com/stefanberger/swtpm/issues/572 I'm on an arch install and just installed it from pacman.
What are some alternatives?
When comparing panda and swtpm you can also consider the following projects:
qiling - A True Instrumentable Binary Emulation Framework
mortar - Framework to join Linux's physical security bricks.