drakvuf-sandbox VS capa

Compare drakvuf-sandbox vs capa and see what are their differences.

drakvuf-sandbox

DRAKVUF Sandbox - automated hypervisor-level malware analysis system (by CERT-Polska)
Malware Sandbox Reverse Engineering malware-analysis malware-research
Source Code
drakvuf-sandbox.readthedocs.io
Suggest alternative
Edit details

capa

The FLARE team's open-source tool to identify capabilities in executable files. (by mandiant)
malware-analysis Reverse Engineering gsoc-2023
Source Code
Suggest alternative
Edit details
WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors
drakvuf-sandbox capa
2 2
983 3,854
2.0% 3.5%
8.5 9.8
14 days ago 3 days ago
Python Python
GNU General Public License v3.0 or later Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

drakvuf-sandbox

Posts with mentions or reviews of drakvuf-sandbox. We have used some of these posts to build our list of alternatives and similar projects.

capa

Posts with mentions or reviews of capa. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-06-11.
  • N00bs Night Malware RE Workshop with @c3rb3ru5d3d53c (OALABS) ​
    5 projects | /r/Malware | 11 Jun 2023
    Python3 Environment Basics For IDA Pro (Windows) https://www.patreon.com/posts/python3-basics-58467121 Hexcopy (save a click) https://github.com/OALabs/hexcopy-ida HashDB https://github.com/OALabs/hashdb-ida Flare-IDA https://github.com/mandiant/flare-ida Capa https://github.com/mandiant/capa Capa Rules https://github.com/mandiant/capa-rules BinDiff https://www.youtube.com/watch?v=BLBjcZe-C3I
  • How to analyze malicious PDF?
    1 project | /r/AskNetsec | 12 May 2023
    You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs).

What are some alternatives?

When comparing drakvuf-sandbox and capa you can also consider the following projects:

flare-vm - A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

flare-floss - FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Detect-It-Easy - Program for determining types of files for Windows, Linux and MacOS.

capa-rules - Standard collection of rules for capa: the tool for enumerating the capabilities of programs

theZoo - A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

flare-ida - IDA Pro utilities from FLARE team

qiling - A True Instrumentable Binary Emulation Framework

hashdb-ida - HashDB API hash lookup plugin for IDA Pro

yarGen - yarGen is a generator for YARA rules

STrace - A DTrace on Windows Reimplementation

simplify - Android virtual machine and deobfuscator

hexcopy-ida - IDA plugin for quickly copying disassembly as encoded hex bytes

drakvuf-sandbox vs flare-vm capa vs flare-floss drakvuf-sandbox vs Detect-It-Easy capa vs capa-rules drakvuf-sandbox vs theZoo capa vs flare-ida drakvuf-sandbox vs qiling capa vs hashdb-ida drakvuf-sandbox vs yarGen capa vs STrace drakvuf-sandbox vs simplify capa vs hexcopy-ida