capa

Static malware capability extractor by Mandiant FLARE that maps binary behaviors to ATT and CK techniques.

Feb 12, 2026

∙ Paid

capa is an open source static analysis tool developed and maintained by the FLARE team at Mandiant, now part of Google Cloud. It identifies high level capabilities in executable files by matching low…

Continue reading this post for free, courtesy of CyberMaterial.

Or purchase a paid subscription.