Static File Analyzer (SFA)
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
Static File Analyzer (SFA)
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
Static File Analyzer (SFA) Description
Static File Analyzer (SFA) is a tool written in Python that acts as a bridge between ClamAV and YARA rules, allowing for deep analysis of malicious files. It can score suspect files, build visual tree graphs for quick display of embedded files, compute indicators of compromise, and extract specific patterns like URLs, hosts, and IPs. SFA uses ClamAV to extract embedded files and create JSON trees, then sends them to YARA for rule checking. It is easy to use, available as a Docker image, and has a web interface integrated in an API.
Static File Analyzer (SFA) FAQ
Common questions about Static File Analyzer (SFA) including features, pricing, alternatives, and user reviews.
Static File Analyzer (SFA) is A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.. It is a Security Operations solution designed to help security teams with Malware Analysis, File Analysis, YARA.
