• dorothy2

    Dorothy2 -- Code Repository/Tracker

    Dorothy2 is a customized framework created for mass malware analysis. Currently, it is mainly based on analyzing the network behavior of a virtual machine in which a suspicious executable has been run. Additionally, it can recognize newly spawned processes by comparing them with a previously created baseline. Static binary analysis and improved system behavior analysis will be introduced shortly in the next versions....
