Skip to content

CERT-Polska/karton-autoit-ripper

Repository files navigation

AutoIt-Ripper karton service

Uses AutoIt-Ripper to automatically extract embedded AutoIt scripts and resources from compiled binaries.

Author: CERT.pl

Maintainers: nazywam

Consumes:

{
    "type": "sample",
    "stage": "recognized",
    "kind": "runnable",
    "platform": "win32"
}, {
    "type": "sample",
    "stage": "recognized",
    "kind": "runnable",
    "platform": "win64"
}

Produces:

{
    "type": "sample",
    "kind": "raw"
}, {
    "type": "sample",
    "kind": "script",
    "stage": "analyzed",
    "extension": "au3",
}

Usage

First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton

Then install karton-autoit-ripper from PyPi:

$ pip install karton-autoit-ripper

$ karton-autoit-ripper

Co-financed by the Connecting Europe Facility by of the European Union