├── .gitignore ├── LICENSE ├── Utils └── agent.py ├── VolatilityBot.py ├── code_extractors ├── __init__.py ├── code_extractor.py ├── heuristics.py ├── hooks.py ├── malfind.py ├── modscan.py └── procdump.py ├── conf ├── Semantic_Rules.json ├── config.py ├── static_config.py └── yara_rules.yar ├── db_builder.py ├── gi_builder.py ├── lib ├── __init__.py ├── common │ ├── __init__.py │ ├── analyze_memory.py │ ├── pe_utils.py │ ├── pslist.py │ ├── queue.py │ └── utils.py └── core │ ├── __init__.py │ ├── database.py │ ├── memory.py │ ├── memory_utils.py │ ├── sample.py │ └── sample.py~ ├── logs └── VolatilityBot.log ├── machines ├── __init__.py ├── __init__.py~ ├── machine.py └── vmware.py ├── pics └── logo.png ├── post_processing ├── SemanticAnalyzer2.py ├── __init__.py ├── clam_scanner.py ├── static_report.py └── yara_postprocessor.py ├── readme.md └── requirements.txt /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/LICENSE -------------------------------------------------------------------------------- /Utils/agent.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/Utils/agent.py -------------------------------------------------------------------------------- /VolatilityBot.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/VolatilityBot.py -------------------------------------------------------------------------------- /code_extractors/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2014 Martin .G. Korman 2 | -------------------------------------------------------------------------------- /code_extractors/code_extractor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/code_extractor.py -------------------------------------------------------------------------------- /code_extractors/heuristics.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/heuristics.py -------------------------------------------------------------------------------- /code_extractors/hooks.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/hooks.py -------------------------------------------------------------------------------- /code_extractors/malfind.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/malfind.py -------------------------------------------------------------------------------- /code_extractors/modscan.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/modscan.py -------------------------------------------------------------------------------- /code_extractors/procdump.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/code_extractors/procdump.py -------------------------------------------------------------------------------- /conf/Semantic_Rules.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/conf/Semantic_Rules.json -------------------------------------------------------------------------------- /conf/config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/conf/config.py -------------------------------------------------------------------------------- /conf/static_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/conf/static_config.py -------------------------------------------------------------------------------- /conf/yara_rules.yar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/conf/yara_rules.yar -------------------------------------------------------------------------------- /db_builder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/db_builder.py -------------------------------------------------------------------------------- /gi_builder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/gi_builder.py -------------------------------------------------------------------------------- /lib/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2014 Martin .G. Korman 2 | -------------------------------------------------------------------------------- /lib/common/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2014 Martin .G. Korman 2 | -------------------------------------------------------------------------------- /lib/common/analyze_memory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/common/analyze_memory.py -------------------------------------------------------------------------------- /lib/common/pe_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/common/pe_utils.py -------------------------------------------------------------------------------- /lib/common/pslist.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/common/pslist.py -------------------------------------------------------------------------------- /lib/common/queue.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/common/queue.py -------------------------------------------------------------------------------- /lib/common/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/common/utils.py -------------------------------------------------------------------------------- /lib/core/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/core/database.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/core/database.py -------------------------------------------------------------------------------- /lib/core/memory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/core/memory.py -------------------------------------------------------------------------------- /lib/core/memory_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/core/memory_utils.py -------------------------------------------------------------------------------- /lib/core/sample.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/lib/core/sample.py -------------------------------------------------------------------------------- /lib/core/sample.py~: -------------------------------------------------------------------------------- 1 | #! /usr/bin/python 2 | 3 | 4 | -------------------------------------------------------------------------------- /logs/VolatilityBot.log: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/logs/VolatilityBot.log -------------------------------------------------------------------------------- /machines/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2014 Martin .G. Korman 2 | -------------------------------------------------------------------------------- /machines/__init__.py~: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/machines/__init__.py~ -------------------------------------------------------------------------------- /machines/machine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/machines/machine.py -------------------------------------------------------------------------------- /machines/vmware.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/machines/vmware.py -------------------------------------------------------------------------------- /pics/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/pics/logo.png -------------------------------------------------------------------------------- /post_processing/SemanticAnalyzer2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/post_processing/SemanticAnalyzer2.py -------------------------------------------------------------------------------- /post_processing/__init__.py: -------------------------------------------------------------------------------- 1 | # Copyright (C) 2014 Martin .G. Korman 2 | -------------------------------------------------------------------------------- /post_processing/clam_scanner.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /post_processing/static_report.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/post_processing/static_report.py -------------------------------------------------------------------------------- /post_processing/yara_postprocessor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/post_processing/yara_postprocessor.py -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/readme.md -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/mkorman90/VolatilityBot/HEAD/requirements.txt --------------------------------------------------------------------------------