For this example we produced two binaries Usually hooks are predefined points in a system where a program author provides the possibility that code possibly developed by someone else is called Usually only the operating system core has direct access to the objects while applications need to obtain a handle to the desired object first and use that handle for any further interaction with the object Since the scheduler decides what thread to run next on the CPU there needs to be some means to pause the execution of the current thread and start running another thread instead gerridaeAt its core Qemu is a full featured machine emulator supporting a variety of host and target system combinations gerridae is tainted the output will be tainted as well Our project is built on top of the Qemu full system emulator that allows us to perform the taint analysis on hardware level plasmatronWhile the outstanding advantage of a static analysis approach is that it usually takes all possible execution paths into account, the program in the whole is analyzed