Sophos AI YaraML Rules Repository

YaraML is a tool that automatically generates Yara rules from training data by translating scikit-learn logistic regression and random forest binary classifiers into the Yara language. Give YaraML a directory of malware files and a directory of benign files of any format, and it will extract substring features, downselect the feature space, train a model, and then "compile" the model and return it as a textual Yara rule. To get a feel for what this looks like, see the logistic regression PowerShell detector generated by YaraML and given below.

ALTERNATIVES

A JavaScript malware analysis tool with backend code execution.

A semi-automatic tool to generate YARA rules from virus samples.

A tool designed to handle archive file data and augment Yara's capabilities.

A tool for identifying and analyzing Java serialized objects in network traffic.

Ropper is a tool for analyzing binary files and searching for gadgets to build ROP chains for different architectures.

Automated Android malware analysis tool.

Parse YARA rules into a dictionary representation.

A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities.
