cyberstars / tools / capa
capa
—Identify executable capabilities.
View on GitHub
PythonApache-2.0
Mandiant's FLARE team tool that identifies high-level capabilities in malware and other executables — encryption, persistence, networking — via rule sets.