libyara.NET Logo

libyara.NET

0
Free
Visit Website

A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell. This library targets .NET 4.6. This library is built against the Microsoft.O365.Security.Native.Libyara package which is based on VirusTotal's yara built with vcpkg. This library is currently based on yara 4.2.3 per the vcpkg port. We will update yara version to include the latest features and bug fixes if necessary. This library is avaiable in forms of two NuGet packages, depending on your project types: For .NET framework projects, x86 and x64 binary versions are available on NuGet with the package id Microsoft.O365.Security.Native.libyara.NET. The public key token of official binaries is 31bf3856ad364e35. Projects that use libyara.NET should use 'All CPU' or 'x86' as the platform name to select the x86 binaries and use 'x64' to select the x64 binaries. For .NET Core projects, only x64 binary version is avaiable on NuGet with the package id Microsoft.O365.Security.Native.libyara.NET.Core. The public key token of official binaries is 31bf3856ad364e35. Projects that use libyara.NET should use 'x64' as the platform name to use this NuGet package. Quick Start static void Main(string[] args)

FEATURES

ALTERNATIVES

A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.

Powerful debugging tool with extensive features and extensions for memory dump analysis and crash dump analysis.

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

An advanced cross-platform tool for detecting and exploiting SQL injection security flaws

Online Java decompiler tool with support for modern Java features.

PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.

Tool for fingerprinting malware HTTP requests.

A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.

PINNED