Malice Xori Disassembler Plugin

---

Dependencies

• malice/alpine

Installation

1. Install Docker.
2. Download trusted build from public DockerHub: docker pull malice/xori

Usage

$ docker run --rm malice/xori

Usage:
    ./xori [OPTIONS]

disassembly files and output json

optional arguments:
  -h,--help             show this help message and exit
  --input-file,-f INPUT_FILE
                        path of the file to disassemble
  --output,-o OUTPUT    path of the output json
  --config,-c CONFIG    load a specific configuration or else default values
                        are used.
  --uuid,-u             create uuids for output files instead of suffixing the
                        input filename

$ docker run --rm -v /path/to/malware:/malware malice/xori -f EXE

This will output to stdout and POST to malice results API webhook endpoint.

Sample Output

JSON

{
  "xori": {}
}

Markdown

---

xori

---

Documentation

• To write results to ElasticSearch
• To create a pe scan micro-service
• To post results to a webhook

Issues

Find a bug? Want more features? Find something missing in the documentation? Let me know! Please don't hesitate to file an issue

CHANGELOG

See CHANGELOG.md

Contributing

See all contributors on GitHub.

Please update the CHANGELOG.md

Credits

TODO

License

MIT Copyright (c) 2018 blacktop