Framework to automatically test and explore the capabilities of generic AV engines
Switch branches/tags
Nothing to show
Clone or download
Latest commit 17549fb Oct 29, 2018
Permalink
Failed to load latest commit information.
crave more updates to backend Sep 11, 2018
examples/craverun fix another broken link Sep 18, 2018
.gitattributes update gitattr Sep 10, 2018
.gitignore rework json, merge Aug 25, 2018
LICENSE Initial commit Apr 19, 2018
README.md Fix broken PDF link Sep 18, 2018
requirements.txt update requirements Oct 29, 2018

README.md

crAVe

GitHub license GitHub issues

crAVe is a framework developed at NECSTLab to automatically test and explore the capabilities of generic AV engines. And it's been developed in order to fuel further research, easing the development of scripts to manipulate malware, submit them to scanners (i.e., VirusTotal) and retrieve, and analyze results.

Running crAVe

While crAVe still lacks proper documentation you can find examples of usage in the examples directory. With craverun.py you can reproduce the results we presented at DIMVA 2018.

Research that makes use of crAVe

Toward Systematically Exploring Antivirus Engines (short paper)
Davide Quarta, Federico Salvioni, Andrea Continella, Stefano Zanero.
In Proceedings of the Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), June 2018

@inproceedings{quarta2018toward,
  title={Toward Systematically Exploring Antivirus Engines},
  author={Quarta, Davide and Salvioni, Federico and Continella, Andrea and Zanero, Stefano},
  booktitle={International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment},
  pages={393--403},
  year={2018},
  organization={Springer}
}