Date: 2015-08-14

Malcom is a Python-based tool designed to analyze a system's network communication using graphical representations of network traffic, and cross-reference them with known malware sources. This comes in handy when analyzing how certain malware species try to communicate with the outside world.

It can help you detect central command and control (C&C) servers, understand peer-to-peer networks, observe DNS fast-flux infrastructures, determine if a network artifact is 'known-bad' (i.e. it has been flagged as being malicious by other websites or sources), and more.
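The idea of graphing observed traffic and cross-referencing it against flagged artifacts can be sketched as follows. This is an added example, not Malcom's own code: the function names, the tag names, the fast-flux thresholds (`min_ips`, `max_ttl`) and all sample data are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample DNS answers (documentation-range addresses, not real
# indicators): (queried name, resolved IP, TTL in seconds).
DNS_ANSWERS = [
    ("cdn.example.com", "192.0.2.10", 3600),
    ("cdn.example.com", "192.0.2.10", 3600),
    ("flux.example.net", "198.51.100.1", 60),
    ("flux.example.net", "198.51.100.2", 60),
    ("flux.example.net", "198.51.100.3", 30),
    ("flux.example.net", "203.0.113.7", 45),
    ("update.example.org", "203.0.113.7", 1800),
]
# Constructed stand-in for a feed of artifacts flagged by other sources.
KNOWN_BAD = {"203.0.113.7"}


def build_graph(answers):
    """Return {hostname: {ip: lowest TTL seen}}, a bipartite host-IP graph."""
    graph = defaultdict(dict)
    for name, ip, ttl in answers:
        graph[name][ip] = min(ttl, graph[name].get(ip, ttl))
    return graph


def tag_nodes(graph, known_bad, min_ips=4, max_ttl=300):
    """Tag hostnames that touch the feed or look like fast-flux (heuristic)."""
    tags = defaultdict(set)
    for name, ips in graph.items():
        if name in known_bad:
            tags[name].add("known-bad")
        if not known_bad.isdisjoint(ips):
            tags[name].add("resolves-to-known-bad")
        # Assumed heuristic: many distinct A records, all of them short-lived.
        if len(ips) >= min_ips and max(ips.values()) <= max_ttl:
            tags[name].add("fast-flux-candidate")
    return dict(tags)


def shared_infrastructure(graph):
    """Map each IP to the hostnames resolving to it, keeping shared IPs only."""
    by_ip = defaultdict(set)
    for name, ips in graph.items():
        for ip in ips:
            by_ip[ip].add(name)
    return {ip: names for ip, names in by_ip.items() if len(names) > 1}


if __name__ == "__main__":
    print(tag_nodes(build_graph(DNS_ANSWERS), KNOWN_BAD))
```

IPs shared by several hostnames, as returned by `shared_infrastructure`, are the hub nodes that stand out in a force-directed graph and are worth checking first.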

Malcom uses the following frameworks to work:

flask - a lightweight Python web framework

mongodb - a NoSQL database. It interfaces to Python with pymongo

redis - An advanced in-memory key-value store

d3js - a JavaScript library that produces awesome force-directed graphs (https://github.com/mbostock/d3/wiki/Gallery)

bootstrap - a CSS framework that will eventually kill web design, but makes it extremely easy to quickly "webize" applications that would only work through a command prompt.