Malkat 0.8.4.0 Lite Portable
Malcat is a feature-rich hexadecimal editor / disassembler for Windows and Linux targeted to IT-security professionals. Inspect dozens of binary file formats, dissassemble and decompile different CPU architectures, extract embedded files and scan for Yara signatures or anomalies in a fast and easy-to-use graphical interface. Don't like what you get? Malcat is also heavily customizable and scriptable using python.
Features
Malcat has been designed for malware analysts, SOC operators, incident responders, CTF players or more generally anyone who needs to inspect unknown binary files on a regular basis. Have a look at its list of features to decide if it's the right tool for you:
Rapid analysis
Because Malcat does not run heavy analyses like VSA or type recovery, it can analyze most files under a second. This makes it the perfect tool for quick inspections or malware triage.
Disasm & decompile
Inspect code for architectures used in malware: x86/x64, .NET, python 2 and 3, VB p-code, NSIS vm,
AutoIT and Office macros
Malcat also embedds the Sleigh decompiler for x86 and x64.
Embedded files
Leveraging its numerous file format parsers, malcat can extract sub-files from archives and identify embedded objects within any file. A very useful feature for incident response and malware analysis.
Smart visualization
Malcat offers many view modes to focus on all aspects of the file. Inspect binary structures, naviguate through the CFG or have a higher-level look at the anomalies, you chose. You can also try our new DNA view!
Compare binaries
Compare two files side by side and inspect their structural differences using Myers algorithm, a powerful diff method used in bioinformatics which produce human-readable results and can realign.
Anomaly scanner
Highlight suspicious patterns using Yara (featuring an embedded editor), Fireeye's Capa or Malcat's own anomaly scanner which scans for more than 200 anomalies using the complete analysis results.
Advanced editing
Patch the file content using the inline structure editor or using python.
Dealing with encrypted or encoded content? Just select the data and chose between dozens of decryption and decoding algorithms.
Known patterns
Malcat recognize and highlight more than 20000 standard strings and numerical constants.
You can also scan a corpus of local files or check online intelligence services.
Extract strings
Malcat features different algorithms to identify both static strings and dynamic strings (e.g. stack strings).
Strings are then weighted and sorted by score to give you the most pertinent results first.
Powerful UI
Enjoy a modern and responsive UI featuring HiDPI and full unicode support (hi .NET obfuscators :).
Want to go fast? You can navigate through the analysis using numerous keyboard shortcuts.
Make it your own
It is quite easy to extend malcat or automate file analysis by using the powerful python bindings.
You can create new file type parsers, decryption routines or add new anomalies with ease.
Rapid analysis
Because Malcat does not run heavy analyses like VSA or type recovery, it can analyze most files under a second. This makes it the perfect tool for quick inspections or malware triage.
Disasm & decompile
Inspect code for architectures used in malware: x86/x64, .NET, python 2 and 3, VB p-code, NSIS vm,
AutoIT and Office macros
Malcat also embedds the Sleigh decompiler for x86 and x64.
Embedded files
Leveraging its numerous file format parsers, malcat can extract sub-files from archives and identify embedded objects within any file. A very useful feature for incident response and malware analysis.
Smart visualization
Malcat offers many view modes to focus on all aspects of the file. Inspect binary structures, naviguate through the CFG or have a higher-level look at the anomalies, you chose. You can also try our new DNA view!
Compare binaries
Compare two files side by side and inspect their structural differences using Myers algorithm, a powerful diff method used in bioinformatics which produce human-readable results and can realign.
Anomaly scanner
Highlight suspicious patterns using Yara (featuring an embedded editor), Fireeye's Capa or Malcat's own anomaly scanner which scans for more than 200 anomalies using the complete analysis results.
Advanced editing
Patch the file content using the inline structure editor or using python.
Dealing with encrypted or encoded content? Just select the data and chose between dozens of decryption and decoding algorithms.
Known patterns
Malcat recognize and highlight more than 20000 standard strings and numerical constants.
You can also scan a corpus of local files or check online intelligence services.
Extract strings
Malcat features different algorithms to identify both static strings and dynamic strings (e.g. stack strings).
Strings are then weighted and sorted by score to give you the most pertinent results first.
Powerful UI
Enjoy a modern and responsive UI featuring HiDPI and full unicode support (hi .NET obfuscators :).
Want to go fast? You can navigate through the analysis using numerous keyboard shortcuts.
Make it your own
It is quite easy to extend malcat or automate file analysis by using the powerful python bindings.
You can create new file type parsers, decryption routines or add new anomalies with ease.
Key Features
Screenshots
Homepage | What's New
OS: Windows XP / Vista / 7 / 8 / 8.1 / 10 / 11 (x86-x64)
Language: ENG
Medicine: FreeWare
Size: 23,21 MB.
Download From Homepage:
Portable
No comments