Freki: Malware Analysis Platform

Freki is a free and open-source malware analysis platform.

Goals

  • Facilitate malware analysis and reverse engineering;
  • Provide an easy-to-use REST API for different projects;
  • Easy deployment (via Docker);
  • Allow the addition of new features by the community.

Current Features

  • Hash extraction.
  • VirusTotal API queries.
  • Static analysis of PE files (headers, sections, imports, capabilities, and strings).
  • Pattern matching with Yara.
  • Web interface and REST API.
  • User management.
  • Community comments.
  • Download samples.

Check our online documentation for more details.

Open an issue to suggest new features. All contributions are welcome.

How to get the source code?

git clone https://github.com/crhenr/freki.git

Running

The easy way: Docker

  1. Install Docker and Docker Compose.
  2. Edit the .env file.
  3. If you are going to use it in production, edit freki.conf to enable HTTPS.
  4. Run docker-compose up or make.

Other ways

If you want to use it locally (e.g., for development), please check our online documentation for more details.