Brovan is a powerful user-mode binary emulator for inspecting and running x86_64 programs in a controlled emulated environment. It supports PE, ELF, memory dumps, and even raw files with no recognized file format.
It is a tool used to analyze binaries in an interactive way and discovering what functions they are trying to access, what they are doing, and fully controlling the program inside the emulator.
it is useful for malware analysis, reverse engineering, debugging binaries, or generally understanding what a program is doing, without executing their instructions directly on the host CPU.
|
Run PE, ELF, memory dumps, and even raw binaries with no recognized file format. |
Inspect execution live, follow control flow, and understand what a program is doing as it runs. |
|
See which APIs, syscalls, and functions the target resolves and accesses inside the emulator. |
Emulate binaries in a safe sandbox environment without executing them directly on the host CPU. |
|
Capture and inspect emulated network activity to better understand program behavior. |
Useful for malware analysis, debugging, and general binary inspection workflows. |
And much more ✨
Emulating linux binary (fastfetch) on Windows |
Showing syscalls and functions the binary accesses |
Running raw/unrecognized binaries directly |
Dumping emulated network traffic & viewing them |
||
The wiki is the main source for:
- Build instructions
- Architecture overview
- Usage guide (recommended, as Brovan have a lot than it advertises and some other useful functionalities)
- Command reference
See the wiki here: https://github.com/AdvDebug/Brovan/wiki
Warning
The Releases page may not always have the latest changes.
For the most up-to-date version, build from source instead
or use the latest build from GitHub Actions
Thanks to Iced library for x86_64 disassembly and assembly.
Thanks to Unicorn Engine for the core emulator.
Thanks to my friend GittingHubbers for help with the MLFQ Scheduler.
This software is licensed under GPL-2.0.