#capa detects capabilities in executable files. You...

D2I

#capa detects capabilities in executable files. You run it against a PE, ELF, .NET module, or shellcode file and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate.

https://github.com/mandiant/capa

@ua@soc.ua-fediland.de
@rf@mastodon.ml

Like 29 Jan 2023 at 21:42 | Open on mk.phreedom.club