Analysis engine (doc in progress)

List of available analyses

• File parsers
  • How parsing is done
  • File carving
  • Supported file formats
  • Adding support for new file types
• Disassembler
  • Supported architectures
• CFG reconstruction
• Functions recovery
• String analysis
  • String extraction algorithms
  • Strings score
  • Strings tag
  • Dynamic strings
• Known patterns identification
  • Constant scanner
  • FLIRT signatures
• Yara signatures
• Anomaly scanner
  • What are anomalies?
  • Write your own anomaly
• Threat intelligence
• Custom types
  • Apply custom types
  • Add new custom types