Pandora Document and File Analysis

Pandora Document and File Analysis

Pandora is an analysis framework designed to determine if a file is suspicious, conveniently displaying the results. Pandora provides a user-friendly content preview interface for large documents, including a preview of the metadata. This allows users to view files without the need to open them locally.

Can I submit sensitive documents for analysis?

Yes, by default, the files are only accessible to the active browser session. The files are not shared (besides the hash lookup) with third parties or external services.

The document can be submitted via the web interface or even via email pandora@circl.lu which will automatically answer with the analysis links.

Can I share analysed files with other parties?

Yes, you can use the Share analysis button on the overall result page to create a shareable link. By default, Pandora links are only accessible to the active session (same browser).

Can I run my private and local instance of Pandora?

Yes, and we highly recommend this. Pandora is also an open-source project pandora-analysis maintained by CIRCL. You can easily install and run your own Pandora instance internally, without using the publicly hosted instance of CIRCL.

How to access the publicly accessible Pandora instance?

The service is publicly accessible to everyone.

How can I safely analyse a suspicious URL?

The companion to Pandora is LookyLoo which provides an interface for analysing web site.