
yara

  1. dEEpEst

    MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.

    MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. On Macro-enabled Office documents we can quickly use oletools mraptor to determine whether document is malicious. If we want to dissect it further, we could...
  2. itsMe

    Reverse Engineering FindYara v3.3 - IDA python plugin to scan binary with Yara rules

    FindYara Use this IDA python plugin to scan your binary with Yara rules. All the Yara rule matches will be listed with their offset so you can quickly hop to them! Using FindYara The plugin can be launched from the menu using Edit->Plugins->FindYara or using the hot-key combination...
  3. itsMe

    Reverse Engineering Hyara: Yara rule making tool (IDA Plugin)

    Hyara is an IDA plugin that provides convenience when writing Yara rules. You can designate the start and end addresses to automatically create rules. It was created based on GUI, and adding features and improvements are currently underway. Features Hyara start screen and 2 options When you...
  4. itsMe

    Kraken is a simple cross-platform Yara scanner

    Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections (not for endpoint protection). Following are the core features: Scan running executables and memory of running...