File Scanning Framework (FSF) v1.1
What is the 'file scanning framework'? Network defenders should be empowered to drive capabilities forward how they see fit. This is the philosophy upon which, FSF was designed. FSF is a modular, recursive file scanning solution. FSF enables analysts to extend the utility of the Yara signatures they write and define actionable intelligence within a file. This is accomplished by recursively scanning a file and looking for opportunities to extract file objects using a combination of Yara signatures (to define opportunities) and programmable logic (to define what to do with the opportunity). The framework allows you to build out your intelligence capability by empowering you to apply observations wrought out of the analytical process… Okay that’s a mouthful – but think about it – if you see that some pattern (maybe a string or a byte sequence) that represents some concept or behavior; through the use of the framework, you are positioned to capture that observation and apply it to certain file types that meet your criteria. The goal being, to help extend the utility for observations from malware analysis and reverse engineering efforts.
FEATURES
SIMILAR TOOLS
Cybersecurity tool merging DarunGrim's analysis algorithms, currently in internal testing for official release.
Andromeda makes reverse engineering of Android applications faster and easier.
Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images with security and Python 2.7 deprecation notices.
A Burp plugin for identifying potential vulnerabilities in web applications
Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.
A cutting-edge AI-based IT security platform that identifies malware and cyber-attacks within seconds
Interactive incremental disassembler with data/control flow analysis capabilities.
Automate the process of writing YARA rules based on executable code within malware.
A Burp intruder extender for automating and validating XSS vulnerabilities
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.