Search

capa

a FLARE tool that detects capabilities in executables using static analysis r

FreeOpen SourceCLI
Visit WebsiteGitHubDocs

Description

capa is a FLARE tool that detects capabilities in executables using static analysis rules. It helps investigators collect, validate, or enrich hash, malware-sample, url during OSINT work and produces evidence such as ioc, malware-sample, report-summary for structured analysis.

Inputs

Hash (MD5/SHA)Malware SampleURL

Outputs

IOC (Indicator of Compromise)Malware SampleReport / Summary

Tags

Malware SampleIOC (Indicator of Compromise)

Tool Chain

Tools that can use this tool's outputs as inputs

capa
outputs
Malware Sample
inputs into
VirusTotalFreemiumMITRE ATT&CKFreeURLhausFreeMalwareBazaarFreeHybrid AnalysisFreemiumANY.RUNFreemiumJoe SandboxFreemiumHatching TriageFreemiumIntezer AnalyzeFreemiumYARAFreeFLOSSFreeVolatility 3FreeMobile Verification ToolkitFreeAutopsyFree
capa
outputs
IOC (Indicator of Compromise)
inputs into
MITRE ATT&CKFreeMISPFreeOpenCTIFreeYetiFreeTheHiveFreemiumCortexFreemiumAbuseIPDBFreemiumAlienVault OTXFreePulsediveFreemiumThreatFoxFreeFeodo TrackerFreePhishTankFreeOpenPhishFreemiumCisco Talos IntelligenceFreeIBM X-Force ExchangeFreemiumCyberChefFreeGoogle Safe BrowsingFreemiumMalwarebytes LabsFree

Reviews

0.0 (0 reviews)