Topics
Getting started
Usage
Analysis engine
File parsers
Disassembler
CFG / functions recovery
String analysis
Known patterns identification
Yara signatures
Anomaly scanner
Kesakode
Threat intelligence providers
Custom types
Scripting
Links
Malcat Website
Malcat
Analysis engine
Analysis engine
List of available analyses
File parsers
How parsing is done
File carving
Supported file formats
Writing new parsers
Disassembler
Supported architectures
CFG / functions recovery
What is CFG recovery?
Malcat’s algorithm
How does Malcat perform?
String analysis
String extraction algorithms
Strings score
Strings tag
Dynamic strings
Known patterns identification
Constant scanner
FLIRT signatures
Yara signatures
Importing a ruleset split in multiple files
Rules writing/importing guideline
Anomaly scanner
What are anomalies?
Write your own anomaly
Kesakode
How does it work?
Use cases
Kesakode frequently asked questions
Threat intelligence providers
What are intelligence providers?
Writing your own threat intelligence provider
Custom types
Apply custom types
Add new custom types