Whiddler is a multi-threaded, multi-process, cluster-capable software scanning application tool that performs static analysis on files. After completing observations of the file, the software calculates the probability that the file is malicious or not malicious. The threshold level can be adjusted by the user. The current version (v3.2) utilizes Bayes Theorem to determine the overall statistical probability that the file is a threat. The next version of the software (v4.0) will incorporate additional calculation methodologies into the Whiddler software to further enhance capabilities. The Air Force’s software runs on 32/64 Windows and Linux systems.
- Whiddler is highly accurate in evaluating EXE and DLL files. The software currently operates with less accuracy on other file types; however, new functionality is planned for v4.0, including new file types, real-time assessments, and enhanced network “sniffing” capabilities
- Zero-Day Capable: Whiddler does not require signatures of malicious files, so it can identify previously unknown malicious files
- Military Grade: The United States Air Force and the National Security Agency both employ Whiddler to guard against new malicious file threats
- Extensive, On-Going Development: Research and development of Whiddler has been ongoing through three major release versions with v4.0 planning for release this calendar year
- Software code and pending US patent application available for license
- Potential for collaboration with US Air Force 90th Information Operations Squadron researchers to further develop the software for civilian and additional governmental applications