File Scanning Framework (FSF) v1.1 Logo

File Scanning Framework (FSF) v1.1

0
Free
Visit Website

What is the 'file scanning framework'? Network defenders should be empowered to drive capabilities forward how they see fit. This is the philosophy upon which, FSF was designed. FSF is a modular, recursive file scanning solution. FSF enables analysts to extend the utility of the Yara signatures they write and define actionable intelligence within a file. This is accomplished by recursively scanning a file and looking for opportunities to extract file objects using a combination of Yara signatures (to define opportunities) and programmable logic (to define what to do with the opportunity). The framework allows you to build out your intelligence capability by empowering you to apply observations wrought out of the analytical process… Okay that’s a mouthful – but think about it – if you see that some pattern (maybe a string or a byte sequence) that represents some concept or behavior; through the use of the framework, you are positioned to capture that observation and apply it to certain file types that meet your criteria. The goal being, to help extend the utility for observations from malware analysis and reverse engineering efforts.

FEATURES

ALTERNATIVES

Yabin creates Yara signatures from malware to find similar samples.

A simple framework for extracting actionable data from Android malware

OCaml wrapper for YARA matching engine for malware identification

A de-obfuscator for M/o/Vfuscator, a notorious obfuscator, designed to reverse the effects of M/o/Vfuscator's obfuscation.

A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.

A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.

A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds

A tool to locally check for signs of a rootkit with various checks and tests.

PINNED