Overview

Dorothy2 -- Code Repository/Tracker

Dorothy2 is a customized framework created for mass malware analysis. Currently, it is based mainly on analyzing the network behavior of a virtual machine in which a suspicious executable has been run. It can also recognize newly spawned processes by comparing them with a previously created baseline. Static binary analysis and improved system behavior analysis will be introduced shortly in the next versions.
