
Mquery

Free

Mquery is an analyst-friendly web GUI that lets malware analysts search through terabytes of malware using blazingly fast Yara queries. It leverages UrsaDB to accelerate queries with n-grams, providing a quick and efficient way to look through your digital warehouse. To get started, install and start it using docker-compose, add files to the SAMPLES_DIR, and index your collection with ursacli in Docker.


ALTERNATIVES

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

A Python script for scanning data within an IDB using Yara

A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.

A wordlist to bruteforce for Local File Inclusion (LFI) vulnerabilities

A yara module for searching strings inside zip files

A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.

A standalone binary inspection tool for Android developers with support for various formats and dependencies.

A collection of Yara rules for detecting malware evasion techniques