Malcat
Topics
Getting started
Usage
Analysis engine (doc in progress)
File parsers
Disassembler
CFG reconstruction
Functions recovery
String analysis
Known patterns identification
Yara signatures
Anomaly scanner
Kesakode
Threat intelligence
Custom types
Scripting
Links
Malcat Website
Malcat
Analysis engine (doc in progress)
Analysis engine (doc in progress)
List of available analyses
File parsers
How parsing is done
File carving
Supported file formats
Adding support for new file types
Disassembler
Supported architectures
CFG reconstruction
Functions recovery
String analysis
String extraction algorithms
Strings score
Strings tag
Dynamic strings
Known patterns identification
Constant scanner
FLIRT signatures
Yara signatures
Importing a ruleset split in multiple files
Rules writing/importing guideline
Anomaly scanner
What are anomalies?
Write your own anomaly
Kesakode
How does it work?
Use cases
Kesakode frequently asked questions
Threat intelligence
Custom types
Apply custom types
Add new custom types