AutoYara Logo

AutoYara

0
Free
Visit Website

This is the java code implementing the AutoYara algorithm, from our paper Automatic Yara Rule Generation Using Biclustering. Given a set of input files that belong to a given malware family, AutoYara can create Yara rules from the input samples. Our testing indicates it can be successful with as few as 2 sample files, and can achieve very low false positive rates. The goal is to help analysts that need to create rules to weed out the easy families first, so that they can work on the samples that do not yield to automation. This is research code, and comes with no warranty or support. Quick Start: You can download a pre-built binary of AutoYara from the release tab. If you have Java 11 (or greater) installed, you can get started by using the -i flag and providing a path to a file. If you give a folder, files will be selected from that folder recursively. Multiple files/paths can be specified using multiple -i arguments. java -jar AutoYara.jar -i ~/family_dataset/test/azero/ The final output will be written to the current directory. If you want to change the output directory or output file name, you can use --out /path/to/name.yara to change that. Unless you run on a few hun

FEATURES

ALTERNATIVES

Automatic analysis of malware behavior using machine learning.

A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds

A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.

A framework for creating XNU based rootkits for OS X and iOS security research

Leading open source automated malware analysis system.

An advanced cross-platform tool for detecting and exploiting SQL injection security flaws

An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.

A tool for finding and exploiting SQL injection vulnerabilities in web applications

PINNED