Introducing Analyse It!

Trident said:
Just wanna let you know guys that I've set up the architecture for the project to be online - as a webpage. No downloads will be needed when the project is finalised.

Click to expand...
running linux today, and in firefox NoScript may be blocking it when I push "get started" (I have some of the needed api (licenses) -- perhaps still teaser stage ie not finalized, but highly welcomed... :D
 
  • Like
Reactions: Dave Russo and Trident
simmerskool said:
running linux today, and in firefox NoScript may be blocking it when I push "get started" (I have some of the needed api (licenses) -- perhaps still teaser stage ie not finalized, but highly welcomed... :D
Click to expand...
I need to do a lot of work before the tool works the way I want it to work. That’s because sub-optimal stuff is not really my thing. I am doing it rapidly but still, time is needed. It is usable in this state, but “this state” is not what I’m chasing.

Yeah, the tool is loads of JS, so if you block that, you get 200 lines of beautifying/styling code 🤣🤣🤣🤣
They will hardly do the job.
You’ll need to trust the tool and allow scripts, there aren’t even any trackers/tracking cookies embedded.
The web hosting is based on Cloudflare.

I am now working on behavioural events pre-filtering and several other heuristics. SCAM analysis is on the roadmap as well.

I am happy, because so far I’ve found the right logics to achieve what I want, I haven’t really gone down rabbit holes. In programming, logic is everything.
 
Last edited:
  • Like
  • Thanks
Reactions: franz, Behold Eck, Miravi and 4 others
1756208634083.png

Orion!!! This is proprietary heuristics engine, does not run on Gemini.
 
Last edited:
  • +Reputation
  • Like
  • Applause
Reactions: franz, simmerskool, Divergent and 2 others
65538cb8d24ff27282bbdeab6f1b3184f35fcd73cfef286e201e69841a0c6d1f

Thanks @Divergent for the sample.

Only 3 engines detect, and Orion too. Orion uses the same heuristics (methods) that I use when looking at samples - it is not based on Gemini.

The reports are submitted to a Cloudflare worker (not the file itself).

Not sure if I will display all detections when I integrate it, I'll probably leave only the highest confidence detection, this is debugging/building stage.

1756307463217.png
 
  • Like
  • Applause
  • +Reputation
Reactions: franz, Moonhorse, roger_m and 3 others
Kongo said:
Just tested it today and it is really cool. Unfortunately I always need to enter my API keys after closing the browser. :(
Click to expand...
That was designed as a security feature, in case of exfiltrations, your API keys remain safe.

I can always change it, if users request.

Orion is still not integrated though, I am interacting with it through a special frontend.

I guess I’ve got a few weeks more.

You can use the state management to export the keys as a json file and import them.
 
  • +Reputation
  • Like
  • Thanks
Reactions: franz, stonjean633, simmerskool and 2 others
News on Orion and Analyse it!

The platforms and the tool will be renamed as follows:

Online analysis platform:
Old name - Analyse it!
New name - Hawk Eye Analysis Platform (HEAP)
Website: hea-p.com

Windows Malware Cleaner:
Old name - Orion Malware Cleaner (OMC)
New name - Hawk Eye Analysis Tool (HEAT)

Domains:
For the platform: hea-p.com (just purchased, don’t try yet)
For the tool - win.hea-p.com
Workers: logic.hea-p.com
Short for hawk eye analysis - platform .com (hea-p.com)

Engines:
Local engine: remains Orion
Online engine: OrionCloud

The domain is operated by Cloudflare (just like the workers).

These changes will not affect the quality of the tools, they will add branding and distinction. I will design the logos soon.
 
  • Like
  • +Reputation
Reactions: roger_m, Miravi, simmerskool and 3 others

You may also like...