Tools > Development

Collection of custom tools and frameworks developed for offensive security operations. Each tool is designed with modularity and extensibility in mind.

Evasion & Anti-Analysis Detector

Development

A red-team-focused PE analysis tool that detects evasion techniques, anti-analysis patterns, and suspicious characteristics in Windows executables. It detects direct syscall patterns, API hashing, RWX sections, reflective DLL loaders, AMSI bypass patterns, and ETW patching indicators, with weighted risk scoring.

PE Analysis, Evasion Detection, Anti-Analysis, Risk Scoring, Python
Python

Loader Fingerprinting Tool

Development

A static-analysis tradecraft classifier for Windows loaders. Analyzes Windows PE files to identify execution models, injection intent, API resolution methods, payload styles, and evasion posture. Classifies how a binary plans to execute code and what execution philosophy the author uses.

Static Analysis, PE Analysis, Loader Classification, Tradecraft, Python
Python

Malware Report Auto-Writer

Development

An automated malware analysis reporting engine that translates technical findings into professional, human-readable malware reports. Generates deterministic reports in Markdown, HTML, or PDF formats with specialized sections for evasion techniques and execution philosophies.

Malware Analysis, Reporting, Automation, CLI, Python
Python, Jinja

// All tools are open source and available on GitHub

// Contributions and feedback are welcome

// Use responsibly and ethically