Mquery is an analyst-friendly web GUI that allows malware analysts to search through terabytes of malware using blazingly fast Yara queries. It leverages UrsaDB to accelerate queries with n-grams, providing a quick and efficient way to look through your digital warehouse. To get started, install and start Mquery using docker-compose, add files to the SAMPLES_DIR, and index your collection with ursacli in Docker.
SIMILAR TOOLS
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
Code to prevent a managed .NET debugger/profiler from working.
A sandbox for quickly sandboxing known or unknown families of Android malware.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.
yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.
Joe Sandbox Community provides automated cloud-based malware analysis across multiple OS platforms.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.