pandora
pandora copied to clipboard
pandora-analysis
Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results
By default, submitting a file to analyze on Pandora never sends the file to public 3rd party systems. It is currently possible to export a submission to MISP (as admin...
Sortable table of observables to quickly see the ones from the MISP warning-list or not.
For email submitted as multiple-part mime type, showing each part in the metadata part.
Equivalent call we want to reproduce: ``` rtfdump.py 3-exploit-equation-editor.rtf -s7 -H -d | strings ``` -s => section -H => hex to str -d => dump
Hey, When starting pandora ``` dconf-CRITICAL **: 09:19:49.040: unable to create directory '/run/user/1000/dconf': Permission denied. dconf will not work properly. ``` Best regards
The files below are unbacked as zipfiles. They should not be: * [ ] apk * [ ] jar
Should we propose pdfid as analysis? and especially should we add the `-d` disarm PDF if a specific `/OpenAction` is found.
Potential extensions/expansion to look at: - [x] [mwdb](https://mwdb.readthedocs.io/en/latest/) - [x] [hashlookup](https://circl.lu/services/hashlookup/) `hashlookup:trust` is an interesting value to look at especially to discriminate malicious versus non-malicious files. `The scale of the...
Dans le cas d'un fichier texte (txt, csv, xml, js, etc) Il y a redondance entre le text preview et le content preview. Il serait possible de ne garder que...
The icon names [`filetype-*`](https://github.com/pandora-analysis/pandora/blob/57df5f99156e5779ec30f1f5ed451e3d9469c3cb/pandora/file.py#L125) have been added in [bootstrap icons 1.8](https://github.com/twbs/icons/releases/tag/v1.8.0). The Flask module uses 1.7.2 right now, so it will fix itself with the next update.
Metadata
Owner
Metadata
Pandora is an analysis framework to discover if a file is suspicious and conveniently show the results