base64_substring

Free

The base64_substring tool helps malware analysts search through base64-encoded samples: it enumerates all possible base64 encodings of a given search term and generates a YARA rule that checks those possibilities. As an example, the provided script can generate a YARA rule that matches a base64-encoded file containing the term 'Application'. Further reading: 'Searching for Content in Base-64 Strings' by Lee Holmes.
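The enumeration described above, sketched as an added example (this is not the base64_substring project's own code; the function names, rule name and minimum term length are assumptions). A term can start at byte 0, 1 or 2 of a 3-byte base64 group, so there are three candidate substrings once the characters that depend on neighbouring bytes are trimmed:

```python
import base64
import re


def base64_variants(term: bytes) -> list[str]:
    """Return the base64 substrings `term` produces at byte offsets 0, 1 and 2."""
    if len(term) < 4:
        # Assumption: shorter terms leave too few fixed characters to be useful.
        raise ValueError("search term must be at least 4 bytes")
    variants = []
    for offset in range(3):
        # Pad so the term starts at this position inside a 3-byte group.
        data = b"\x00" * offset + term
        encoded = base64.b64encode(data).decode("ascii")
        # Leading characters that mix in bits of the unknown preceding bytes.
        skip = -(-offset * 8 // 6)
        # Characters past this index depend on whatever follows the term.
        end = len(data) * 8 // 6
        variants.append(encoded[skip:end])
    return variants


def encoded_blob_contains(b64_text: str, term: bytes) -> bool:
    """True if any alignment of `term` appears in the base64 text."""
    return any(v in b64_text for v in base64_variants(term))


def build_yara_rule(term: bytes, rule_name: str = "b64_term") -> str:
    """Render a YARA rule that fires on any of the three variants."""
    if not re.fullmatch(r"[A-Za-z_][A-Za-z0-9_]*", rule_name):
        raise ValueError("rule_name must be a valid YARA identifier")
    strings = "\n".join(
        f'        $v{i} = "{v}" ascii'
        for i, v in enumerate(base64_variants(term))
    )
    return (f"rule {rule_name}\n{{\n    strings:\n{strings}\n"
            "    condition:\n        any of them\n}\n")


if __name__ == "__main__":
    print(build_yara_rule(b"Application", "b64_Application"))
```

Line-wrapped base64 (for example MIME bodies) can split a variant across a newline, so strip whitespace from the sample before matching.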

ALTERNATIVES

Java decompiler for modern Java features up to Java 14.

A tool for finding and exploiting SQL injection vulnerabilities in web applications.

Python 3 tool for parsing Yara rules with ongoing development.

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

A detailed analysis of malicious packages and how they work

A strings statistics calculator for YARA rules to aid malware research.

A standalone binary inspection tool for Android developers with support for various formats and dependencies.

Repository of scripts, signatures, and IOCs related to various malware analysis topics.