HawkEye
HawkEye is a malware dynamic instrumentation tool based on frida.re framework. It will hook common functions to log malware activities and output the results in a nice web page report.
This is not a sandbox so please use it in a safe sandboxed environment.
Usage
usage: HawkEye.py [-h] [--path PATH] [--pid PID]
optional arguments:
-h, --help show this help message and exit
--path PATH File path
--pid PID Process PID
HawkEye runs in 2 modes:
- spawn a malware sample in a new process given its path.
- hook a running process given its PID.