From a02ed5c3679aaa23ffb32bf4a828ee53f9ec497f Mon Sep 17 00:00:00 2001 From: Moritz Date: Thu, 16 Jul 2020 18:19:41 +0200 Subject: [PATCH] Update README.md --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index ba9d86b5..e1ef1cc4 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,8 @@ capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate. +Check out the overview in our first [capa blog post](https://www.fireeye.com/blog/threat-research/2020/07/capa-automatically-identify-malware-capabilities.html). + ``` $ capa.exe suspicious.exe