3MPER0RR/multi-extensions-analysis

GitHub: 3MPER0RR/multi-extensions-analysis

一个面向多扩展名恶意样本的静态分析工具,帮助快速识别与分类威胁。

Stars: 1 | Forks: 0

git clone https://github.com/3MPER0RR/multi-extension-analysis cd multi-extension-analysis/reverse python3 -m venv venv pip3 install pefile yara-python capstone python-magic ## Linux (Debian/Ubuntu) bash sudo apt install libmagic1 libmagic-dev ## macOS brew install libmagic ## 用法 python3 analyzer.py malware.exe python3 analyzer.py payload.bin --yara custom_rules.yar python3 analyzer.py sample.js --out ./reports python3 analyzer.py *.exe *.dll --out ./reports python3 analyzer.py sample.bin --no-disasm ![screen1](https://static.pigsec.cn/wp-content/uploads/repos/cas/e5/e56852466e3a77338fc534c62a2b173956a67d748a6d99025c9eced2d245c480.png) ![screen2](https://raw.githubusercontent.com/3MPER0RR/multi-extensions-analysis/main/screen2.png)
标签:DAST, DNS 反向解析, PE文件分析, YARA, 云资产可视化, 云资产清单, 安全工具, 恶意软件分析, 逆向工程