YARA

Free

YARA is a tool aimed at helping malware researchers identify and classify malware samples. Researchers create descriptions of malware families based on textual or binary patterns, written as rules consisting of strings and boolean expressions. Rules can be made more complex using wildcards, case-insensitive strings, regular expressions, and special operators.

FEATURES

ALTERNATIVES

Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.

Go bindings for YARA with installation and build instructions.

Malware sandbox for executing malicious files in an isolated environment with advanced features.

Collection of malware persistence information and techniques.

A collection of Android applications with malware analysis results.

A suite of secret scanners built in Rust for performance.

A collection of YARA rules for public use, built from intelligence profiles and file work.

Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.