base64_substring

Free
The base64_substring tool helps malware analysts search through base64-encoded samples by enumerating all possible base64 encodings of a given search term and generating a YARA rule that checks for those possibilities. As an example, the provided script can generate a YARA rule that matches a base64-encoded file containing the term 'Application'. Further reading: 'Searching for Content in Base-64 Strings' by Lee Holmes.

ALTERNATIVES

Studying Android malware behaviors through Information Flow monitoring techniques.

Platform for uploading, searching, and downloading malware samples.

Original SmaliHook Java source for Android cracking and reversing.

A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.

Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.

A command-line utility for examining Objective-C runtime information in Mach-O files and generating class declarations.

A tool for hacking and security testing of JWT.

One stop shop for decompiling Android apps with a focus on regenerating R references.