mandiant / VM-Packages

Chocolatey packages supporting the analysis environment projects FLARE-VM & Commando VM.
Apache License 2.0

Categories #38

Closed Ana06 closed 2 years ago

Ana06 commented 2 years ago

We are very close to starting to use these packages in FLARE-VM. We have mentioned a few times that we want to give some thought to the current categories, trying to create more concrete categories that make it easier to find tools.

I think these are the current categories:

This is also needed for https://github.com/mandiant/VM-Packages/issues/25

@mandiant/flare-vm ideas?

mr-tz commented 2 years ago

Some ideas:

  1. move Flash tools into Utilities, I don't think we really need Flash tools anymore, anyway
  2. rename Net to Network/Networking? I always have to look twice with dotNet and Net
  3. add Dynamic analysis with things like procmon, apimonitor, etc.?
  4. add Packers with upx, DiE, etc.?
  5. add PE Viewers?

3.-5. would help to split up Utilities more, but I'm not sure there's real benefit to having more or fewer categories.

MalwareMechanic commented 2 years ago

Update packages based on category additions/renames from: https://github.com/mandiant/VM-Packages/pull/59

mr-tz commented 2 years ago

My proposal:

And from #59 (Commando), add:

mr-tz commented 2 years ago

However, I also believe that it should be "allowed" and easy to change/rename/move categories as we cannot know now what tools we'll have and how to organize them best.

Should we create a separate file to track all current categories (and document what they roughly contain)?

mr-tz commented 2 years ago