AI-powered malware behavior explainer that analyzes sandbox reports and behavioral logs, mapping behaviors to MITRE ATT&CK.
It is aimed at security analysts who want to cut the manual effort of reading sandbox output: the model summarises the observed behavior, maps it to ATT&CK techniques where it can, and proposes response steps, so triage gets faster and the findings are ready to act on.
- AI-Driven Analysis — Uses GPT-4.1 (through the OpenAI API) to reason about behaviors in context rather than only matching known patterns.
- Rich Terminal Output — Color-coded, structured output with tables and formatted Markdown.
- Flexible Input — Accepts files, stdin pipes, and direct arguments for seamless workflow integration.
- MITRE ATT&CK Integration — Maps findings to the ATT&CK framework where applicable.
- Actionable Output — Every analysis includes concrete remediation and response recommendations.
Installation:

```sh
git clone https://github.com/rawqubit/ai-malware-explainer.git
cd ai-malware-explainer
pip install -r requirements.txt
export OPENAI_API_KEY="your-api-key-here"
```

Usage. Analyze a sandbox report (with an optional family hint), pipe a behavior log on stdin using `-` as the input argument, or analyze a decompiled script with a platform hint:

```sh
python main.py sandbox_report.json --family Emotet
cat behavior.log | python main.py - --platform Linux
python main.py decompiled.py --platform Windows
```

Run `python main.py --help` for full usage information.
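The ATT&CK mapping this tool reports comes from the language model, so it pays to keep a deterministic baseline to check those claims against before they go into a report. The following is an added example for this page, not code from ai-malware-explainer: it reads a sandbox-style report from a file, from stdin (`-`) or from an inline argument, the same three input styles the README lists, and maps events to ATT&CK techniques with a small regex rule table. The report layout (an `events` list of `type`/`detail` records), the rule table and the sample report are assumptions made for illustration; the technique IDs and names are real ATT&CK entries.

```python
"""Deterministic ATT&CK mapping over a sandbox-style behavior report.

Added example, not code from ai-malware-explainer. The report layout
(an "events" list of {"type", "detail"} records) and the rule table are
assumptions for illustration; the technique IDs and names are real
MITRE ATT&CK entries.
"""
import json
import re
import sys
from collections import defaultdict

# Constructed sample report in the assumed layout (not real sandbox output).
SAMPLE_REPORT = json.dumps({
    "sample": "invoice_0423.doc",
    "events": [
        {"type": "process", "detail": "powershell.exe -nop -w hidden -enc SQBFAFgA..."},
        {"type": "registry", "detail": "SetValue HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater"},
        {"type": "network", "detail": "POST http://203.0.113.10/gate.php"},
        {"type": "file", "detail": "CreateFile C:\\Users\\Public\\svchost.exe"},
        {"type": "file", "detail": "CreateFile C:\\Users\\Public\\readme.txt"},
        {"type": "process", "detail": "schtasks.exe /create /sc minute /mo 5 /tn Updater"},
        {"type": "process", "detail": "cmd.exe /c whoami"},
    ],
})

# (event type, regex over the detail string, technique ID, technique name)
RULES = [
    ("process", re.compile(r"\bpowershell(\.exe)?\b.*\s-e(nc|ncodedcommand)?\b", re.I),
     "T1059.001", "Command and Scripting Interpreter: PowerShell"),
    ("process", re.compile(r"\bschtasks(\.exe)?\b.*/create", re.I),
     "T1053.005", "Scheduled Task/Job: Scheduled Task"),
    ("process", re.compile(r"\bwhoami(\.exe)?\b", re.I),
     "T1033", "System Owner/User Discovery"),
    ("registry", re.compile(r"\\CurrentVersion\\Run\\", re.I),
     "T1547.001", "Boot or Logon Autostart Execution: Registry Run Keys / Startup Folder"),
    ("network", re.compile(r"^(GET|POST) https?://", re.I),
     "T1071.001", "Application Layer Protocol: Web Protocols"),
    # A system binary name created outside C:\Windows is a masquerading signal.
    ("file", re.compile(r"CreateFile (?!C:\\Windows\\).*\\(svchost|csrss|lsass)\.exe$", re.I),
     "T1036.005", "Masquerading: Match Legitimate Name or Location"),
]


def load_report(source: str) -> dict:
    """Read JSON from a path, from stdin when source is '-', or from the
    argument itself when it is not a readable path (inline JSON)."""
    if source == "-":
        text = sys.stdin.read()
    else:
        try:
            with open(source, encoding="utf-8") as fh:
                text = fh.read()
        except OSError:
            text = source  # not a file on disk: treat the argument as the report
    return json.loads(text)


def _matches(event: dict):
    """Yield every rule that fires on a single event."""
    etype, detail = event.get("type", ""), event.get("detail", "")
    for rtype, pattern, tid, name in RULES:
        if etype == rtype and pattern.search(detail):
            yield tid, name, detail


def map_to_attack(report: dict) -> dict:
    """Return {technique_id: {"name": ..., "evidence": [detail, ...]}}."""
    hits = defaultdict(lambda: {"name": "", "evidence": []})
    for event in report.get("events", []):
        for tid, name, detail in _matches(event):
            hits[tid]["name"] = name
            hits[tid]["evidence"].append(detail)
    return dict(hits)


def unmapped_events(report: dict) -> list:
    """Events no rule covers; these still need a human (or the model) to look at."""
    return [e for e in report.get("events", []) if not any(_matches(e))]


def check_claims(claimed: set, mapping: dict) -> tuple:
    """Split technique IDs claimed by the model into those backed by a rule hit
    and those with no deterministic evidence in the report."""
    supported = {t for t in claimed if t in mapping}
    return supported, claimed - supported


def render(mapping: dict) -> str:
    """One line per technique with its name and evidence count."""
    return "\n".join(f"{tid:<10} {info['name']} ({len(info['evidence'])} event(s))"
                     for tid, info in sorted(mapping.items()))


if __name__ == "__main__":
    # Usage: python attack_baseline.py [report.json | -]; no argument uses the sample.
    rep = load_report(sys.argv[1] if len(sys.argv) > 1 else SAMPLE_REPORT)
    found = map_to_attack(rep)
    print(render(found))
    leftover = unmapped_events(rep)
    if leftover:
        print(f"{len(leftover)} event(s) matched no rule; review manually.")
```

Run it on the model's output as a second opinion: `check_claims` separates the techniques the model named that a rule also saw from those it asserted with no supporting event, and `unmapped_events` lists the behaviors the rule table is silent on, which is exactly where a model's contextual reasoning earns its keep and where its output deserves the closest reading.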
- Python 3.9+
- OpenAI API key, set as the OPENAI_API_KEY environment variable

Note that the reports and logs you pass in are sent to the OpenAI API for analysis, so do not feed the tool artifacts that are not allowed to leave your environment.
MIT License — see LICENSE for details.