ai-malware-explainer 🔐

AI-powered malware behavior explainer that analyzes sandbox reports and behavioral logs, mapping behaviors to MITRE ATT&CK.


Overview

AI-powered malware behavior explainer that analyzes sandbox reports and behavioral logs, mapping behaviors to MITRE ATT&CK. This tool is designed for security professionals who want to augment their workflows with AI-driven intelligence, reducing manual analysis time and surfacing actionable insights faster.

Features

  • AI-Driven Analysis — Leverages GPT-4.1 for deep contextual reasoning beyond simple pattern matching.
  • Rich Terminal Output — Color-coded, structured output with tables and formatted Markdown.
  • Flexible Input — Accepts files, stdin pipes, and direct arguments for seamless workflow integration.
  • MITRE ATT&CK Integration — Maps findings to the ATT&CK framework where applicable.
  • Actionable Output — Every analysis includes concrete remediation and response recommendations.

Installation

git clone https://github.com/rawqubit/ai-malware-explainer.git
cd ai-malware-explainer
pip install -r requirements.txt
export OPENAI_API_KEY="your-api-key-here"

Usage

python main.py sandbox_report.json --family Emotet
cat behavior.log | python main.py - --platform Linux
python main.py decompiled.py --platform Windows

Run python main.py --help for full usage information.
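The README describes two steps: turning a sandbox report into observed behaviours, then mapping those behaviours to ATT&CK techniques. The following is an added example, not the project's own code, of a small deterministic pre-mapping pass that a practitioner can run locally to anchor the model's narrative in concrete technique IDs and evidence lines. It assumes a minimal report shape (processes with command_line and api_calls, registry_writes, network.http_requests) and uses a constructed rule table whose technique IDs are real ATT&CK IDs but whose regexes are illustrative.

```python
import json
import re

# Constructed rule table for this example: (regex over one behaviour line, technique id, name).
# The technique ids are real ATT&CK ids; the regexes are illustrative, not the project's own.
RULES = [
    (r"\\CurrentVersion\\Run\\", "T1547.001", "Registry Run Keys / Startup Folder"),
    (r"\bschtasks(\.exe)?\b.*/create\b", "T1053.005", "Scheduled Task"),
    (r"\b(WriteProcessMemory|CreateRemoteThread)\b", "T1055", "Process Injection"),
    (r"\bpowershell(\.exe)?\b.*\s-(enc|encodedcommand)\b", "T1059.001", "PowerShell"),
    (r"\bhttps?://", "T1071.001", "Web Protocols"),
]

# Constructed sandbox report in the assumed minimal shape; not output of any real sandbox.
SAMPLE_REPORT = {
    "processes": [{
        "command_line": "powershell.exe -nop -w hidden -enc <base64-placeholder>",
        "api_calls": ["VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"],
    }],
    "registry_writes": [r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"],
    "network": {"http_requests": ["http://203.0.113.7/check"]},
}

def events_from_report(report: dict) -> list[str]:
    """Flatten the assumed report shape into one tagged string per observed behaviour."""
    events = []
    for proc in report.get("processes", []):
        events.append(f"process {proc.get('command_line', '')}")
        events.extend(f"api {call}" for call in proc.get("api_calls", []))
    events.extend(f"registry {key}" for key in report.get("registry_writes", []))
    events.extend(f"network {url}" for url in report.get("network", {}).get("http_requests", []))
    return events

def map_to_attack(events: list[str]) -> dict[str, dict]:
    """Return {technique_id: {"name": ..., "evidence": [...]}} for every rule that fired."""
    hits: dict[str, dict] = {}
    for event in events:
        for pattern, tid, name in RULES:
            if re.search(pattern, event, re.IGNORECASE):
                hits.setdefault(tid, {"name": name, "evidence": []})["evidence"].append(event)
    return hits

if __name__ == "__main__":
    # Structured evidence that can be handed to the model alongside the raw report.
    print(json.dumps(map_to_attack(events_from_report(SAMPLE_REPORT)), indent=2))
```

The output keeps each technique tied to the exact report lines that triggered it, so an analyst can check the model's explanation against the evidence rather than trusting a free-text ATT&CK attribution.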

Requirements

  • Python 3.9+
  • OpenAI API key (set as OPENAI_API_KEY environment variable)

License

MIT License — see LICENSE for details.
