Saruman v0.1

Free

Type make to compile the launcher (it will also try to compile a parasite.c file, which you must supply). Make sure your parasite executable is compiled with -fpic -pie. This version of Saruman is an early proof of concept and does not yet support injecting a program that requires command-line arguments, so <parasite_args> will not actually accept arguments yet. To load the executable with a stealthier technique, use: ./launcher --no-dlopen <parasite_executable>. This feature currently has some bugs and won't work with more complex parasites (to be fixed).

ALTERNATIVES

A collection of YARA rules for public use, built from intelligence profiles and file work.

A tool to find XSS vulnerabilities in web applications

KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.

UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.

A .Net wrapper library for the native Yara library with interoperability and portability features.

A Scriptable Android Debugger for reverse engineers and developers.

Hyara is a plugin that simplifies writing YARA rules with various convenient features.

YARA extension for Visual Studio Code with code completion and snippets
