Capa is designed to identify capabilities within executable files. This versatile tool analyzes various file types—including PE, ELF, .NET modules, shellcode, and sandbox reports—to determine a program’s functionalities, such as operating as a backdoor, installing services, or using HTTP for communication. Capa offers both a command-line interface and a web interface for interactive result inspection. Read More …
Tag: Ghidra
Tools :: GhidraMCP
GhidraMCP is an innovative Model Context Protocol (MCP) server designed as a plugin for Ghidra, the open-source reverse engineering framework. Its primary purpose is to empower Large Language Models (LLMs) with the capability to autonomously reverse engineer applications by exposing core Ghidra functionalities to MCP clients. This tool streamlines tasks such as decompiling and analyzing Read More …
Some Computer Blogs
This post is just another compilation from my earlier blogger site. This post will focus on various newsletters, blogs, or similar that I followed at some point or another. Matteo Malvica Penetration Testing Lab Specific Articles New Forensic Investigation Procedures for First Responder Guides This is the story about when a nation state hacks into Read More …