{"id":4419,"date":"2019-03-30T08:33:44","date_gmt":"2019-03-30T03:03:44","guid":{"rendered":"http:\/\/kalilinuxtutorials.com\/?p=4419"},"modified":"2019-03-30T08:33:44","modified_gmt":"2019-03-30T03:03:44","slug":"droidefense-engine-android-malware","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/","title":{"rendered":"Droidefense : Advance Android Malware Analysis Framework"},"content":{"rendered":"\n<p><strong>Droidefense<\/strong> is the codename for an Android app and malware analysis and reversing tool. It was built with a focus on the security issues and tricks that malware researchers deal with in their everyday work. <\/p>\n\n\n\n<p>For situations where the malware has <strong>anti-analysis<\/strong>&nbsp;routines, Droidefense attempts to bypass them in order to get to the code and the &#8216;bad boy&#8217; routine. <\/p>\n\n\n\n<p>Sometimes those techniques can be virtual machine detection, emulator detection, self certificate checking, pipes detection, tracer pid check, and so on.<\/p>\n\n\n\n<p><strong>Droidefense<\/strong>&nbsp;uses an innovative idea in which the code is not decompiled but rather viewed. <\/p>\n\n\n\n<p>This allows us to get a global view of the execution workflow of the code with 100% accuracy on the gathered information. 
With this information,&nbsp;<strong>Droidefense<\/strong> generates a fancy&nbsp;<strong>HTML<\/strong>&nbsp;report with the results for easy understanding.<\/p>\n\n\n\n<p style=\"text-align:center\" class=\"has-background has-light-green-cyan-background-color\"><strong>Droidefense Features<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>.apk unpacker<\/li><li>.apk resource decoder<\/li><li>.apk file enumeration<\/li><li>.apk file classification and identification<\/li><li>binary xml decoder<\/li><li>in-memory processing using a virtual filesystem<\/li><li>resource fuzzing and hashing<\/li><li>entropy calculator<\/li><li>native code dump<\/li><li>certificate analysis<\/li><li>debug certificate detection<\/li><li>opcode analysis<\/li><li>unused opcode detection<\/li><li>AndroidManifest.xml analysis<\/li><li>internal structure analysis<\/li><li>dalvik bytecode flow analysis<\/li><li>multipath analysis implementation (not tested)<\/li><li>CFG generation<\/li><li>simple reflection resolver<\/li><li>String classification<\/li><li>simulated workflow generation<\/li><li>dynamic rules engine<\/li><\/ul>\n\n\n\n<p style=\"text-align:center\" class=\"has-background has-light-green-cyan-background-color\"><a href=\"https:\/\/github.com\/droidefense\/engine#droidefense-modules\"><\/a><strong>Droidefense modules<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>PSCout data module<\/li><li>Full Android manifest parser, based on official SDK documentation v23.<\/li><li>Plugins<\/li><li>Machine Learning (Weka based) module<\/li><\/ul>\n\n\n\n<p style=\"text-align:center\" class=\"has-background 
has-light-green-cyan-background-color\"><a href=\"https:\/\/github.com\/droidefense\/engine#droidefense-plugins\"><\/a><strong>Droidefense plugins<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Hidden ELF file detector plugin<\/li><li>Hidden APK file detector plugin<\/li><li>Application UID detector plugin<\/li><li>Privacy plugin<\/li><\/ul>\n\n\n\n<p style=\"text-align:center\" class=\"has-background has-light-green-cyan-background-color\"><a href=\"https:\/\/github.com\/droidefense\/engine#usage\"><\/a><strong>Usage<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/droidefense\/engine#tldr\"><\/a><strong>TL;DR<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>java -jar droidefense-cli-1.0-SNAPSHOT.jar -i \/path\/to\/your\/sample.apk<\/strong><\/p>\n\n\n\n<p style=\"text-align:left\"><strong>Detailed usage<\/strong><\/p>\n\n\n\n<p class=\"has-text-color has-background has-vivid-green-cyan-color has-very-dark-gray-background-color\"><strong>java -jar droidefense-cli-1.0-SNAPSHOT.jar<br>Current build:             2018_03_09__09_17_34<br>Check out on Github:             https:\/\/github.com\/droidefense\/<br>Report your issue:             https:\/\/github.com\/droidefense\/engine\/issues<br>Lead developer:             @zerjioang<br>usage: droidefense<br>  -d,--debug                 print debugging information<br>  -h,--help                  print this message<br>  -i,--input            input .apk to be analyzed<br>  -o,--output        select prefered output:<br>                             json<br>                             json.min<br>                             html<br>  -p,--profile               Wait for JVM profiler<br>  -s,--show                  show generated report after scan<br>  -u,--unpacker    select prefered unpacker:<br>                             zip<br>                             memapktool<br>  -v,--verbose 
              be verbose<br>  -V,--version               show current version information<\/strong><\/p>\n\n\n\n<div class=\"wp-block-button aligncenter is-style-squared\"><a class=\"wp-block-button__link has-background has-vivid-cyan-blue-background-color\" href=\"https:\/\/github.com\/droidefense\/engine\"><strong>Download<\/strong><\/a><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Droidefense is the codename for an Android app and malware analysis and reversing tool. It was built with a focus on the security issues and tricks that malware researchers deal with in their everyday work. For situations where the malware has anti-analysis&nbsp;routines, Droidefense attempts to bypass them in order to get to the code and the &#8216;bad boy&#8217; routine. Sometimes those techniques [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[156,162,962],"class_list":["post-4419","post","type-post","status-publish","format-standard","hentry","category-kali","tag-android","tag-android-malware","tag-droidefense"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Droidefense Engine : Advance Android Malware Analysis Framework<\/title>\n<meta name=\"description\" content=\"Droidefense is the codename for android apps\/malware analysis\/reversing tool. 
It was built focused on security issues and tricks that malware\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Droidefense Engine : Advance Android Malware Analysis Framework\" \/>\n<meta property=\"og:description\" content=\"Droidefense is the codename for android apps\/malware analysis\/reversing tool. It was built focused on security issues and tricks that malware\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-30T03:03:44+00:00\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Droidefense : Advance Android Malware Analysis Framework\",\"datePublished\":\"2019-03-30T03:03:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\"},\"wordCount\":363,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"keywords\":[\"android\",\"Android Malware\",\"Droidefense\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\",\"name\":\"Droidefense Engine : Advance Android Malware Analysis Framework\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"datePublished\":\"2019-03-30T03:03:44+00:00\",\"description\":\"Droidefense is the codename for android apps\/malware analysis\/reversing tool. 
It was built focused on security issues and tricks that malware\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/droidefense-engine-android-malware\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R 
K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->"}