Dorothy2

Free

Dorothy2 is a malware/botnet analysis framework written in Ruby. It offers a flexible, modular environment for analyzing suspicious binaries, an interactive investigation framework with a focus on network analysis, and the ability to recognize newly spawned processes by comparing them with a baseline. It also uses pre-configured analysis profiles for detailed analysis.

ALTERNATIVES

FLARE-VM is a collection of software installation scripts for Windows systems designed for setting up and maintaining a reverse engineering environment on a virtual machine.

Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.

Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

A script to detect and remove Canary Tokens with simple signature-based detections.

YARA extension for Visual Studio Code with code completion and snippets.

A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.

A native Python cross-version decompiler and fragment decompiler.

Dynamic binary analysis library with various analysis and emulation capabilities.