BinaryAlert
A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell. This library targets .NET 4.6. This library is built against the Microsoft.O365.Security.Native.Libyara package which is based on VirusTotal's yara built with vcpkg. This library is currently based on yara 4.2.3 per the vcpkg port. We will update yara version to include the latest features and bug fixes if necessary. This library is avaiable in forms of two NuGet packages, depending on your project types: For .NET framework projects, x86 and x64 binary versions are available on NuGet with the package id Microsoft.O365.Security.Native.libyara.NET. The public key token of official binaries is 31bf3856ad364e35. Projects that use libyara.NET should use 'All CPU' or 'x86' as the platform name to select the x86 binaries and use 'x64' to select the x64 binaries. For .NET Core projects, only x64 binary version is avaiable on NuGet with the package id Microsoft.O365.Security.Native.libyara.NET.Core. The public key token of official binaries is 31bf3856ad364e35. Projects that use libyara.NET should use 'x64' as the platform name to use this NuGet package. Quick Start static void Main(string[] args)
A serverless, real-time, and retroactive malware detection tool that scans files with YARA rules and alerts incident response teams.
A sandbox for quickly sandboxing known or unknown families of Android Malware
Malware sandbox for executing malicious files in an isolated environment with advanced features.
A .Net wrapper library for the native Yara library with interoperability and portability features.
A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.
A malware/botnet analysis framework with a focus on network analysis and process comparison.