Dorothy2

Free

Dorothy2 is a malware/botnet analysis framework written in Ruby. It offers a very flexible modular environment for suspicious binary analysis, an interactive investigation framework with a focus on network analysis, and the ability to recognize newly spawned processes by comparing them with a baseline. It also uses pre-configured analysis profiles for detailed analysis.

ALTERNATIVES

One stop shop for decompiling Android apps with a focus on regenerating R references.

A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.

A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.

A deserialization payload generator for .NET formatters.

A strings statistics calculator for YARA rules to aid malware research.

A Go library for manipulating YARA rulesets with the ability to programmatically change metadata, rule names, and more.

Java code implementing the AutoYara algorithm for automatic Yara rule generation from input samples.

A native Python cross-version decompiler and fragment decompiler.
