Various Dockerfiles used for SecOps analysis. A quick overview is provided below; more details, with links to each project and its documentation, are in the project README.
- CAPA - the FLARE team's open-source tool to identify capabilities in executable files. You run it against a PE, ELF, .NET module, or shellcode file and it tells you what it thinks the program can do.
- Malwoverview - a first-response tool used for threat hunting. It offers intel information from VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, AlienVault, Malpedia, Malware Bazaar, ThreatFox, Triage, and InQuest, and it is able to scan Android devices against VT.