floss
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
YARA is a tool for detecting and identifying malware, viruses, and other types of malicious code. It uses a rule-based system to scan files and network traffic for specific patterns and signatures. Its rules are written in a simple and intuitive syntax, which makes it easy to create custom rules for specific types of malware. Security professionals and researchers widely use YARA to identify and analyze malware and to develop detection rules for specific threats. It is also highly customizable: users can create custom rules and plugins to extend its functionality.
Malware sandbox for executing malicious files in an isolated environment with advanced features.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
A library and command line interface for extracting URLs, IP addresses, MD5/SHA hashes, email addresses, and YARA rules from text corpora.
A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence.
OCyara performs OCR on image files and scans them for matches to YARA rules, supporting Debian-based Linux distros.