Dynamic Sentinel is a Python-based malware detection tool designed to scan suspicious PDF files using a combination of static and dynamic analysis techniques. It provides insights into embedded objects, streams, suspicious keywords, and basic runtime behavior, all while keeping logs for forensic review.
## Static Analysis
- Scans PDF headers, object counts, streams, and embedded elements
- Detects presence of JavaScript, embedded files, encryption, and suspicious actions
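A minimal static scanner in the spirit of the checks above, added here as an example (not the project's own `static_scan.py`): it resolves `#xx` name escapes and inflates FlateDecode streams before counting keywords, so a JavaScript action that is hex-escaped or hidden inside a compressed stream is still reported. The `SAMPLE_PDF` bytes are constructed for the demonstration.

```python
import re
import zlib
from collections import Counter

# Names that commonly indicate active or risky content in a PDF.
SUSPICIOUS = [b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch",
              b"/EmbeddedFile", b"/RichMedia", b"/Encrypt", b"/XFA"]

def normalize_names(data: bytes) -> bytes:
    """Resolve #xx escapes in names (/J#61vaScript -> /JavaScript)."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)

def inflate_streams(data: bytes) -> bytes:
    """Concatenate every stream zlib can inflate (FlateDecode); skip the rest."""
    out = []
    for m in re.finditer(rb"stream\r?\n(.*?)\r?\nendstream", data, re.S):
        try:
            out.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # not Flate or damaged: left for manual inspection
    return b"\n".join(out)

def static_scan(data: bytes) -> dict:
    """Count objects/streams; tally suspicious names in raw and inflated data."""
    # Inflate first: rewriting #xx inside compressed bytes would corrupt them.
    text = normalize_names(data) + b"\n" + normalize_names(inflate_streams(data))
    hits = Counter()
    for name in SUSPICIOUS:
        # negative lookahead so /JS does not also match a longer name
        n = len(re.findall(re.escape(name) + rb"(?![A-Za-z])", text))
        if n:
            hits[name.decode()] = n
    return {
        "valid_header": data.startswith(b"%PDF-"),
        "objects": len(re.findall(rb"\b\d+\s+\d+\s+obj\b", data)),
        "streams": len(re.findall(rb"(?<!end)stream\b", data)),
        "suspicious": dict(hits),
    }

# Constructed sample: OpenAction -> hex-escaped JavaScript action, plus a
# FlateDecode stream hiding a second JavaScript action.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /OpenAction 3 0 R >> endobj\n"
    b"3 0 obj << /S /J#61vaScript /JS 4 0 R >> endobj\n"
    b"4 0 obj << /Filter /FlateDecode >>\nstream\n"
    + zlib.compress(b"<< /S /JavaScript /JS (app.alert(1)) >>")
    + b"\nendstream\nendobj\n%%EOF\n"
)
```

Running `static_scan(SAMPLE_PDF)` reports three objects, one stream, and both JavaScript actions, whereas a plain keyword grep of the raw bytes would see neither.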
## Dynamic Analysis (Basic)
- Executes the file in a sandboxed environment with `strace` via `firejail`
- Captures system-level activity (like `open`, `execve`, etc.)
- Stores results in logs for manual inspection
## Report Generation
- Saves analysis report in `sandbox_logs/`
- Prints real-time results to console for quick review
## Project Structure

```
dynamic_sentinel_tool/
├── src/
│   ├── main.py
│   ├── static_scan.py
│   ├── dynamic_scan.py
│   └── report.py
├── sandbox_logs/
├── requirements.txt
└── README.md
```