Static File Analyzer (SFA)
Static File Analyzer (SFA) is a tool written in Python that acts as a bridge between ClamAV and YARA rules, allowing for deep analysis of malicious files. It can score suspect files, build visual tree graphs for quick display of embedded files, compute indicators of compromise, and extract specific patterns like URLs, hosts, and IPs. SFA uses ClamAV to extract embedded files and create JSON trees, then sends them to YARA for rule checking. It is easy to use, available as a Docker image, and has a web interface integrated in an API.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Yaraprocessor allows for scanning data streams in unique ways and dynamic scanning of payloads from network packet captures.
Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.
PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.
A standalone binary inspection tool for Android developers with support for various formats and dependencies.
A toolkit for detecting and tracking Blind XSS, XXE, and SSRF vulnerabilities
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.