Static File Analyzer (SFA) is a tool written in Python that acts as a bridge between ClamAV and YARA rules, allowing for deep analysis of malicious files. It can score suspect files, build visual tree graphs for quick display of embedded files, compute indicators of compromise, and extract specific patterns like URLs, hosts, and IPs. SFA uses ClamAV to extract embedded files and create JSON trees, then sends them to YARA for rule checking. It is easy to use, available as a Docker image, and has a web interface integrated in an API.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A program to manage yara ruleset in a database with support for different databases and configuration options.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A collaborative malware analysis framework with various features for automated analysis tasks.
Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.