From 27ecf77b28a90fae0794f837ff2f28ea173fb537 Mon Sep 17 00:00:00 2001 From: pe3zx Date: Fri, 17 Jul 2020 21:59:36 +0700 Subject: [PATCH] Add: fireeye/capa --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 8952915..5ee9221 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,10 @@ This repository is created as an online bookmark for useful links, resources and endgameinc/RTA RTA provides a framework of scripts designed to allow blue teams to test their detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK + + fireeye/capa + capa detects capabilities in executable files. You run it against a PE file or shellcode and it tells you what it thinks the program can do. For example, it might suggest that the file is a backdoor, is capable of installing services, or relies on HTTP to communicate. + jymchoeng/AutoTTP Automated Tactics Techniques & Procedures
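Review bot: The added fireeye/capa entry in the README.md hunk at line 71 sits between endgameinc/RTA (scripts for blue teams to test detection against malicious tradecraft) and jymchoeng/AutoTTP (automated TTPs), but its own description is about static capability detection in PE files and shellcode. That is a different kind of tool from its neighbours. If the README has a malware-analysis or binary-analysis section, the entry belongs there; otherwise, please confirm that this placement is intentional. The description also differs in style from the surrounding entries: it runs to three sentences in second person ("You run it against a PE file or shellcode and it tells you what it thinks the program can do."), while RTA and AutoTTP each have a single third-person line. Keeping only the first sentence, "capa detects capabilities in executable files.", plus at most the backdoor/services/HTTP examples, would match the rest of the list.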