YARA
YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.
A simple script to detect and remove Canary Tokens.

Installation (tested on macOS 14):
    git clone https://github.com/referefref/canarytokendetector.git
    cd canarytokendetector
    brew install pdftk-java python3 python3-pip -y
    pip3 install pefile
    wget https://raw.githubusercontent.com/DidierStevens/DidierStevensSuite/master/disitool.py

Examples:
    Example running in directory, test-only mode with report output.
    Example running in nullify, verbose, directory mode (vdf).

Background and warranty: I wrote this script to augment a chapter of a book I'm writing about deception technologies, specifically around detection mechanisms for tokens. The detections are simple signature-based detections which could easily be adjusted or randomized by Thinkst in the future. This exists as a PoC, and no warranty of any kind is provided for the use (or misuse) of this application. Your actions are your own. You execute this at your own risk.
A debugger tool for reverse engineers, crackers, and security analysts, with a user-friendly debugging UI and custom agent support.
A Burp Suite plugin that automatically adds XSS and SQL injection payloads for fuzzing.
A JavaScript malware analysis tool with backend code execution.
A software reverse engineering framework with full-featured analysis tools and support for multiple platforms, instruction sets, and executable formats.
UDcide provides an alternative approach to dealing with Android malware by targeting specific behaviors for removal.