The base64_substring tool helps malware analysts search through base64-encoded samples by enumerating all possible base64 encodings of a given search term and generating a YARA rule that checks for those possibilities. As an example, the provided script can be used to generate a YARA rule that matches a base64-encoded file containing the term 'Application'. Further reading: 'Searching for Content in Base-64 Strings' by Lee Holmes.
Debugger and .NET assembly editor with advanced debugging features.
A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.
A Burp Intruder extender for automating and validating XSS vulnerabilities.
PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.
A strings statistics calculator for YARA rules to aid malware research.
A multithreaded YARA scanner for incident response or malware zoos.