Yara mode for GNU Emacs for editing Yara-related files
You can use Ropper to display information about binary files in different file formats and to search for gadgets to build ROP chains for various architectures (x86/x86_64, ARM/ARM64, MIPS/MIPS64, PowerPC/PowerPC64, SPARC64). Ropper uses the Capstone Framework for disassembly. To install it, use pip to install Capstone, filebytes, and optionally Keystone. Ropper itself is installed with 'python setup.py install' or 'pip install ropper', after which it can be executed. It also offers a semantic search command for finding gadgets.
A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.
Management portal for LoKi scanner with centralized database for scanning activities.
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
A software reverse engineering framework with full-featured analysis tools and support for multiple platforms, instruction sets, and executable formats.
UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.