Example Usage
$ capa.exe suspicious.exe
+--------------------+------------------------------------------------------------------------+
| ATT&CK Tactic      | ATT&CK Technique                                                       |
|--------------------+------------------------------------------------------------------------|
| DEFENSE EVASION    | Obfuscated Files or Information [T1027]                                |
| DISCOVERY          | Query Registry [T1012]                                                 |
|                    | System Information Discovery [T1082]                                   |
| EXECUTION          | Command and Scripting Interpreter::Windows Command Shell [T1059.003]   |
|                    | Shared Modules [T1129]                                                 |
| EXFILTRATION       | Exfiltration Over C2 Channel [T1041]                                   |
| PERSISTENCE        | Create or Modify System Process::Windows Service [T1543.003]           |
+--------------------+------------------------------------------------------------------------+
+-------------------------------------------+-------------------------------------------------+
| CAPABILITY
See also
xAnalyzer
Open Source
…
Angr
Open Source
Python binary analysis framework supporting both static and dynamic symbolic execution (concolic exe…
ida-sigmaker
Open Source
sigmaker is a zero-dependency IDA Pro 9.0+ cross-platform signature maker plugin with optional SIMD …
wxapkg
Free
Cross-platform WeChat mini-program decompilation GUI tool; a .wxapkg file scanning + decryption + unpacking tool…
pokeheartgold
Free
Decompilation of Pokemon HeartGold/SoulSilver…
NTRGhidra
Open Source
A Nintendo DS binary loader for Ghidra…