CAPA: open-source tool in Python to identify capabilities in executable files
added on 2020/09/08 @ 13:11:57 | 643 views| category: hacking-security

capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate.

tags: #executable #security #python