Binsequencer Logo

Binsequencer

0
Free
Malware Analysis
binary-security
file-analysis
hex-dump
binary-conversion
file-patching
malware-detection
Visit Website

Binsequencer is intended to scan a corpus of similar malware (family/campaign/like-tools) and build a YARA rule that will detect similar sections of code. Specifically, each file will be analyzed and have their data abstracted into sequences of x86 instruction sets. These sets are then used in a sliding window to find commonality across the entire sample corpus. Upon finding an acceptable match, the application will attempt various methods of techniques to create a YARA match moving most specific to least. In the least specific matching, it will convert the matched instruction sets into a series of x86 opcodes, surrounded by wildcards, for usage in a YARA rule. There are a couple of options to adjust the minimum length of the instruction set, but 25 has proven to be fairly reliable while testing samples. If you go too low, you'll start matching more samples that may be unrelated. You can also choose how many matches you want to use for your YARA rule and the application will attempt to find unique instruction sets. Additionally, while the script is intended to be run on x86 PE files, you can instruct it to run on non-PE (JAR/PDF/etc) files or just about any other type of file.

FEATURES

ALTERNATIVES

YaraParser Logo
YaraParser

Python 3 tool for parsing Yara rules with ongoing development.

Free
Malware Analysis
Plyara Logo
Plyara

Parse YARA rules into a dictionary representation.

Free
Malware Analysis
PHPGGC Logo
PHPGGC

A library of PHP unserialize() payloads and a tool to generate them.

Free
Malware Analysis
XXEinjector Logo
XXEinjector

Automate the exploitation of XXE vulnerabilities

Free
Malware Analysis
Vaya-Ciego-Nen Logo
Vaya-Ciego-Nen

A tool to detect, manage and exploit Blind Cross-site scripting (XSS) vulnerabilities.

Free
Malware Analysis
yara_zip_module Logo
yara_zip_module

A yara module for searching strings inside zip files

Free
Malware Analysis
Shotgunyara Logo
Shotgunyara

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

Free
Malware Analysis
YARA IDA Processor Logo
YARA IDA Processor

A tool for processing compiled YARA rules in IDA.

Free
Malware Analysis

PINNED

Fabric Platform by BlackStork Logo

Fabric Platform by BlackStork

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

Free
Security Operations
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.

Free
Blogs and News
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved

LINKS
Blog
LEGAL
Terms of servicesPrivacy policy