The base64_substring tool helps malware analysts search base64-encoded samples for a known term. It enumerates all possible base64 encodings of the search term and generates a YARA rule that checks for each of them. To run an example, use the provided script to generate a YARA rule that matches a base64-encoded file containing the term 'Application'. Further reading: 'Searching for Content in Base-64 Strings' by Lee Holmes.
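Why one term has several base64 forms, shown as an added example (not the base64_substring project's own code): base64 maps 3 input bytes to 4 output characters, so the encoded text of a term depends on whether it starts at byte offset 0, 1 or 2 of a 3-byte group. The function names and the rule name are hypothetical, and the sample blob is constructed.

```python
import base64


def base64_variants(term: bytes) -> list[str]:
    """Return the alignment-dependent base64 substrings of `term`.

    Only characters fully determined by the term are kept; characters
    that mix bits from neighbouring bytes are trimmed from both ends.
    """
    if not term:
        raise ValueError("search term must not be empty")
    variants = []
    for offset in range(3):
        # Shift the term to each position inside a 3-byte group.
        padded = b"\x00" * offset + term
        encoded = base64.b64encode(padded).decode("ascii")
        # Leading characters that contain bits of the filler bytes.
        start = (offset * 8 + 5) // 6
        # Last character index fully covered by the term's own bits;
        # this also drops '=' padding and the final mixed character.
        end = len(padded) * 8 // 6
        variants.append(encoded[start:end])
    return variants


def yara_rule(name: str, term: bytes) -> str:
    """Build a YARA rule that matches any alignment of `term`."""
    lines = [f"rule {name}", "{", "    strings:"]
    for i, variant in enumerate(base64_variants(term)):
        lines.append(f'        $b64_{i} = "{variant}"')
    lines += ["    condition:", "        any of them", "}"]
    return "\n".join(lines)


def contains_term(encoded_blob: str, term: bytes) -> bool:
    """Check a base64 blob for `term` without decoding it."""
    return any(v in encoded_blob for v in base64_variants(term))


if __name__ == "__main__":
    # Constructed sample: the term sits at an arbitrary offset.
    sample = base64.b64encode(b"\x01\x02New-Object Application;").decode()
    print(yara_rule("b64_Application", b"Application"))
    print("sample matches:", contains_term(sample, b"Application"))
```

Very short terms leave only a few stable characters per variant, so longer search terms give fewer false positives.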
SIMILAR TOOLS
A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.
A Python library to interface with a cuckoo-modified instance.
A detailed analysis of malicious packages and how they work.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A framework for creating XNU-based rootkits for OS X and iOS security research.
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
FLARE-VM is a collection of software installation scripts for Windows systems designed for setting up and maintaining a reverse engineering environment on a virtual machine.
A tool designed to handle archive file data and augment Yara's capabilities.
Explores malware interaction with Windows API and methods for detection and prevention.