The objective of this project is to develop a malware analysis tool with the help of certain domain-specific tools and technologies.
For this we will extract traffic information with PF_RING, process and categorize it on the Zeek platform, test it against known malware with the YARA engine, and then process the information these tools produce and send it to the ELK stack for storage.
Based on the findings of the system, it will be possible to create easy-to-analyze visualizations of the network traffic and to tune the YARA rule set for later use.
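The glue between the three stages named above (Zeek output, YARA results, ELK ingestion) is where most of the engineering sits, so here is an added, stand-alone illustration of that join; it is not code from this project. It assumes Zeek is writing `files.log` in its JSON format with the file extraction analyzer enabled (so each record carries an `extracted` file name), that the `yara` CLI has been run over the extraction directory with its default `<rule> <path>` output, and that results are shipped with Elasticsearch's `_bulk` API. The log lines and YARA output embedded below are constructed, the index name `zeek-yara-files` is a placeholder, and the document field names are this example's own choice.

```python
import json
import os
from collections import defaultdict
from datetime import datetime, timezone

# Constructed Zeek files.log records (Zeek's JSON log format, one object per
# line).  Field names follow files.log; every value here is made up.
ZEEK_FILES_LOG = """\
{"ts":1700000000.123,"fuid":"F1aBcD3xYz","source":"HTTP","mime_type":"application/x-dosexec","filename":"update.exe","seen_bytes":10240,"md5":"0123456789abcdef0123456789abcdef","sha1":"0123456789abcdef0123456789abcdef01234567","extracted":"extract-1700000000.123-HTTP-F1aBcD3xYz"}
{"ts":1700000001.456,"fuid":"F2eFgH4wVu","source":"HTTP","mime_type":"text/html","seen_bytes":512,"md5":"fedcba9876543210fedcba9876543210","sha1":"fedcba9876543210fedcba9876543210fedcba98","extracted":"extract-1700000001.456-HTTP-F2eFgH4wVu"}
"""

# Constructed output of the yara CLI run over Zeek's extraction directory.
# yara's default output is "<rule_name> <path>", one line per match.
YARA_OUTPUT = """\
SuspiciousPE_Packed extracted/extract-1700000000.123-HTTP-F1aBcD3xYz
Dropper_Generic extracted/extract-1700000000.123-HTTP-F1aBcD3xYz
"""


def parse_zeek_files_log(text):
    """Return files.log records keyed by the name of the extracted file."""
    records = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        # Only records with an on-disk extraction can be scanned by YARA.
        if "extracted" in rec:
            records[rec["extracted"]] = rec
    return records


def parse_yara_output(text):
    """Return {extracted file name: [matched rule, ...]} from yara's output."""
    matches = defaultdict(list)
    for line in text.splitlines():
        parts = line.split(maxsplit=1)
        if len(parts) != 2:
            continue  # skip blank or malformed lines
        rule, path = parts
        matches[os.path.basename(path)].append(rule)
    return matches


def correlate(records, matches):
    """Produce one document per extracted file, enriched with YARA results."""
    docs = []
    for name, rec in records.items():
        rules = matches.get(name, [])
        docs.append({
            "@timestamp": datetime.fromtimestamp(rec["ts"], tz=timezone.utc).isoformat(),
            "zeek.fuid": rec["fuid"],
            "zeek.source": rec.get("source"),
            "file.mime_type": rec.get("mime_type"),
            "file.name": rec.get("filename"),
            "file.size": rec.get("seen_bytes"),
            "file.hash.md5": rec.get("md5"),
            "file.hash.sha1": rec.get("sha1"),
            "yara.rules": rules,
            "yara.verdict": "match" if rules else "clean",
        })
    return docs


def to_bulk_ndjson(docs, index="zeek-yara-files"):
    """Serialise documents as an Elasticsearch _bulk body (action line + source line)."""
    lines = []
    for doc in docs:
        # Using the Zeek file id as _id makes re-ingestion idempotent.
        lines.append(json.dumps({"index": {"_index": index, "_id": doc["zeek.fuid"]}}))
        lines.append(json.dumps(doc))
    return "\n".join(lines) + "\n"  # _bulk requires a trailing newline


def build_bulk_body(zeek_log=ZEEK_FILES_LOG, yara_out=YARA_OUTPUT):
    """Run the whole join on the embedded sample data and return the _bulk body."""
    return to_bulk_ndjson(correlate(parse_zeek_files_log(zeek_log),
                                    parse_yara_output(yara_out)))


if __name__ == "__main__":
    print(build_bulk_body(), end="")
```

Files that Zeek saw but YARA did not flag are still indexed with a `clean` verdict, so the dashboards can show the ratio of flagged to unflagged files per MIME type, which is the signal needed when deciding which YARA rules to tune.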