CAPE Logo

CAPE

0
Free
Visit Website

CAPE is a malware sandbox used to execute malicious files in an isolated environment, instrument their dynamic behavior, and collect forensic artifacts. It features behavioral instrumentation, file capture, network traffic capture, malware classification, screenshots, memory dumps, automated unpacking, YARA signature-based classification, configuration extraction, debugger automation, anti-sandbox countermeasures, instruction traces, and an interactive desktop. A free demonstration instance is available online for anyone to use.

FEATURES

ALTERNATIVES

Exploiting a vulnerability in HID iClass system to retrieve master authentication key for cloning cards and changing reader settings.

A tool to fuzz query strings and identify vulnerabilities

Detect capabilities in executable files and identify potential behaviors.

A modified version of Cuckoo Sandbox with enhanced features and capabilities.

A tool designed to handle archive file data and augment Yara's capabilities.

A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.

Multi-cloud antivirus scanning API with CLAMAV and YARA support for AWS S3, Azure Blob Storage, and GCP Cloud Storage.

Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.