Launching today

TraceTree
Open-Source Runtime Malware Analysis and Tracing
8 followers
Open-Source Runtime Malware Analysis and Tracing
8 followers
TraceTree is an open-source runtime malware analysis tool built for deep behavioral tracing. Instead of just logging execution, it monitors live processes using severity-weighted syscall scoring and precise behavioral signatures to catch malicious activity as it happens. Designed to counter advanced threats like AI-driven runtime injections, it gives security researchers a clear, structured view of how binaries behave under the hood.



How does the severity-weighted syscall scoring actually compare to something like sysmon or strace in practice — is it mostly about reducing noise or does it catch things those tools miss entirely?
Been digging into the severity-weighted syscall scoring and it actually makes the output way easier to triage than just dumping traces. Finally something that surfaces the suspicious pattern instead of making you sift through everything.
the severity-weighted syscall scoring is a really thoughtful approach to cutting through the noise that usually buries runtime analysis. open-sourcing it under the hood too, nice move for the community.