Same as with IDA, with support for extremely rare CPUs and binary formats. It supports analysing a plethora of executable types that you probably never even heard about. In order to use Cosa Nostra you will need a version of Python 3.X as well as one of the following tools in order to perform code analysis: I basically maintain it since 2016 for my one and only user, who happens to be a friend. It was initially released during SyScan360 Shanghai (2016). It can create phylogenetic trees of binary malware samples that are structurally similar. Cosa Nostra is an open source software clustering toolkit with a focus on malware analysis.
0 Comments
Leave a Reply. |