CERT-Polska / drakvuf-sandbox

DRAKVUF Sandbox - automated hypervisor-level malware analysis system
https://drakvuf-sandbox.readthedocs.io/

Design needed: Behavioral signatures #70

Open icedevml opened 4 years ago

icedevml commented 4 years ago

This is a feature request based on community feedback.

Signatures should allow extracting some interesting high-level facts out of behavioral logs, e.g. a process injected itself into another process and exited, a process created files in C:\sth\sth\Autostart\, etc.
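A sketch of how the two facts named in the request above could be derived from an event log, as an added example that is not part of the issue or of DRAKVUF Sandbox's code. The event names and fields (`file_create`, `remote_write`, `process_exit`, `target_pid`, `ts`) are a hypothetical schema rather than DRAKVUF's output format, and the sample log is constructed.

```python
import json

# Constructed sample log; the field names are a hypothetical schema.
SAMPLE_LOG = r"""
{"ts": 1, "event": "file_create", "pid": 100, "path": "C:\\sth\\sth\\Autostart\\a.exe"}
{"ts": 2, "event": "remote_write", "pid": 100, "target_pid": 200}
{"ts": 3, "event": "process_exit", "pid": 100}
{"ts": 4, "event": "file_create", "pid": 200, "path": "C:\\Users\\x\\notes.txt"}
{"ts": 5, "event": "remote_write", "pid": 300, "target_pid": 300}
{"ts": 6, "event": "process_exit", "pid": 300}
{"ts": 7, "event": "remote_wr
"""

def parse_events(text):
    """Parse JSON lines, skip blank or malformed lines, order by timestamp."""
    events = []
    for line in text.splitlines():
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            continue  # a truncated line must not abort the analysis
        if isinstance(obj, dict):
            events.append(obj)
    return sorted(events, key=lambda e: e.get("ts", 0))

def sig_autostart_file(events, marker="\\autostart\\"):
    """Fact: a process created a file under a directory matching `marker`."""
    for e in events:
        path = e.get("path", "")
        if e.get("event") == "file_create" and marker in path.lower():
            yield {"signature": "autostart_file", "pid": e.get("pid"), "path": path}

def sig_inject_then_exit(events):
    """Fact: a process wrote into another process and exited afterwards."""
    injected = {}  # injector pid -> set of target pids seen so far
    for e in events:
        pid, target = e.get("pid"), e.get("target_pid")
        if e.get("event") == "remote_write" and target not in (None, pid):
            injected.setdefault(pid, set()).add(target)
        elif e.get("event") == "process_exit" and pid in injected:
            yield {"signature": "inject_then_exit", "pid": pid,
                   "targets": sorted(injected.pop(pid))}

def run_signatures(log_text):
    """Run every signature over the parsed log and collect the matches."""
    events = parse_events(log_text)
    sigs = (sig_autostart_file, sig_inject_then_exit)
    return [hit for sig in sigs for hit in sig(events)]
```

Each signature is a stateless or small-state pass over the ordered event stream, so the self-write by PID 300 and the truncated last line produce no match.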

musaabimran commented 1 year ago

Hi, I'm excited for this project. Should I send my proposal for review?