ConventionEngine Logo

ConventionEngine

0
Free
Updated 11 March 2025
Malware Analysis
Yara
Malware
File Analysis
Binary Security
Visit Website

ConventionEngine is a collection of Yara rules looking for PEs with PDB paths that have unique, unusual, or overtly malicious-looking keywords, terms, or other features. For further reading on the context, please see the @FireEye blog series on the subject. Keywords = string words used by malware developers to organize files, folders and code projects, often describing the functionality of the malware. Terms = string words that show up in paths as a result of operating system, software, or user behavior, often indicating that the developer is riding solo or that code project is not being developed for a "enterprise" software product. Anomalies = Other things that are less common but are suspicious or indicative of various behaviors. See also here: https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/definitive_dossier_pdb_yara_appendix.pdf

FEATURES

EXPLORE BY TAGS

Yara

Malware

File Analysis

Binary Security

SIMILAR TOOLS

Maldrolyzer Logo
Maldrolyzer

A simple framework for extracting actionable data from Android malware

Free
Malware Analysis
PHPGGC Logo
PHPGGC

A library of PHP unserialize() payloads and a tool to generate them.

Free
Malware Analysis
Nosey Parker Logo
Nosey Parker

A command-line program for finding secrets and sensitive information in textual data and Git history.

Free
Malware Analysis
ida_yara Logo
ida_yara

A Python script for scanning data within an IDB using Yara

Free
Malware Analysis
PEview Logo
PEview

A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.

Free
Malware Analysis
Yara Manager Logo
Yara Manager

A program to manage yara ruleset in a database with support for different databases and configuration options.

Free
Malware Analysis
Enjarify Logo
Enjarify

A tool for translating Dalvik bytecode to equivalent Java bytecode, allowing Java analysis tools to analyze Android applications.

Free
Malware Analysis
NoSql Injection CLI tool Logo
NoSql Injection CLI tool

A command-line tool for identifying NoSQL injection vulnerabilities in MongoDB databases

Free
Malware Analysis
Android Malware Genome Project Logo
Android Malware Genome Project

A dataset release policy for the Android Malware Genome Project, requiring authentication and justification for access to the dataset.

Free
Malware Analysis

PINNED

Mandos Logo

Mandos

Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Consulting
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS
BlogContact
LEGAL
Terms of servicesPrivacy policy