Freki is a free and open-source malware analysis platform.
- Facilitate malware analysis and reverse engineering;
- Provide an easy-to-use REST API for different projects;
- Easy deployment (via Docker);
- Allow the addition of new features by the community.
- Hash extraction.
- VirusTotal API queries.
- Static analysis of PE files (headers, sections, imports, capabilities, and strings).
- Pattern matching with Yara.
- Web interface and REST API.
- User management.
- Community comments.
- Download samples.
Check our online documentation for more details.
Open an issue to suggest new features. All contributions are welcome.
git clone https://github.com/cristianzsh/freki.git
Video demo: https://youtu.be/brvNUPgw7ho.
- Install Docker and Docker Compose.
- Edit the .env file.
- If you are going to use it in production, edit freki.conf to enable HTTPS.
- Run
docker-compose up
ormake
.
If you want to use it locally (e.g., for development), please check our online documentation for more details.
Freki was presented at the XXI Brazilian Symposium on Information and Computational Systems Security (SBSeg 2021).
@inproceedings{sbseg_estendido,
author = {Cristian Souza and Felipe Silva},
title = {Freki: Uma Ferramenta para Análise Automatizada de Malware},
booktitle = {Anais do XXI Simpósio Brasileiro em Segurança da Informação e de Sistemas Computacionais},
location = {Evento Online},
year = {2021},
pages = {58--65},
publisher = {SBC},
address = {Porto Alegre, RS, Brasil},
doi = {10.5753/sbseg_estendido.2021.17340},
url = {https://sol.sbc.org.br/index.php/sbseg_estendido/article/view/17340}
}
This project is licensed under the GNU Affero General Public License.