Nyxelf is a powerful tool for analyzing malicious Linux ELF binaries that combines static and dynamic analysis tools. Its distinguishing feature is a custom sandbox environment that uses QEMU for controlled dynamic analysis. Results from unpacking, syscall tracing, and process/file activity monitoring are presented in an intuitive GUI. Nyxelf also offers optional automatic UPX unpacking and adjustable syscall trace verbosity. System dependencies must be set up before using Nyxelf, with commands provided for installation. The tool simplifies analysis tasks for vulnerability assessments, unpacking, syscall tracing, and memory analysis. Planned future updates include decompiler support, network analysis, UI improvements, and anti-anti-debugging features. Happy analyzing!
https://github.com/M3rcuryLake/Nyxelf