penalyze2 is a malware analysis tool that is developed and runs on GNU/Linux. It analyzes Windows (PE) executable files by emulating both an x86 processor and a Windows environment.
The goal of this project is to come up with a Free Software solution for malware analysts. It will be able to circumvent executable packers/encrypters by simply emulating their unpacking/decrypting code. Additionally, it will give its user detailed information about what the program is doing to the system by displaying all library (and hence kernel) calls that are made.
The current development source code can be downloaded via CVS; click here for more information.
There are also two mailing lists: penalyze2-commit at nongnu.org, where CVS commit notifications are sent, and penalyze2-discussion at nongnu.org, a general development discussion list.