Skip to content

CybercentreCanada/assemblyline-service-espresso

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

109 Commits

.vscode

.vscode

 
 

pipelines

pipelines

 
 

tests

tests

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

CONTRIBUTING.md

CONTRIBUTING.md

 
 

Dockerfile

Dockerfile

 
 

LICENCE.md

LICENCE.md

 
 

README.md

README.md

 
 

espresso.py

espresso.py

 
 

requirements.txt

requirements.txt

 
 

service_manifest.yml

service_manifest.yml

 
 

Repository files navigation

Espresso Service

This Assemblyline service analyzes Java JAR files. All classes are extracted, decompiled and analyzed for malicious behavior.

NOTE: This service does not require you to buy any licence and is preinstalled and working after a default installation

Execution

The service extracts all the files from inside the Jar then performs analysis of the different files for malicious behavior. For all the .java files found inside the jar, the service will run the CFR Decompiler tool on it to get back a human readable version of the code.

When a file inside the Jar is noted as potentially malicious, the file is added as a supplementary file to the results so the analysts can see the content of that file.

About

Assemblyline 4 Java JAR analysis service

cybercentrecanada.github.io/assemblyline4_docs/

Topics

java jar malware-analysis assemblyline

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

2 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases 49

v4.5.0.stable5 Latest
May 27, 2024
+ 48 releases

Packages

No packages published

Contributors 5

Languages