base64_substring
The base64_substring tool helps malware analysts search through base64-encoded samples by enumerating all possible base64 encodings for a given search term and generating a yara rule that checks those possibilities. To run an example, generate a yara rule that matches a base64-encoded file containing the term 'Application' by using the provided script. Further reading: 'Searching for Content in Base-64 Strings' by Lee Holmes.
FEATURES
ALTERNATIVES
A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
A library for checking potentially malicious files and archives using YARA and making a decision about their harmfulness.
A backend agnostic debugger frontend for debugging binaries without source code access.
A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
An open-source binary debugger for Windows with a comprehensive plugin system for malware analysis and reverse engineering.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.