Yara Decompressor

Free

For when your malware samples are stored compressed, but you still want to run rules against them.

Currently supports: GZip, BZip2, LZMA (XZ).

Modules used: Go-Yara: https://github.com/hillu/go-yara, XZ: https://github.com/ulikunitz/xz.

Motivation: I've had to test Yara rules with compressed malware on systems with or without Yara installed. Compiled statically against libyara for ease of use. Currently runs a rule file against a directory of files.

Future thoughts: Support for files in Zip and Tar archives, password-protected Zip and 7z files, and testing common passwords.

ALTERNATIVES

A deserialization payload generator for .NET formatters

Collection of malware persistence information and techniques

A backend agnostic debugger frontend for debugging binaries without source code access.

Platform for uploading, searching, and downloading malware samples.

Tool for fingerprinting malware HTTP requests.

Kaitai Struct is a declarative language for describing binary data structures.

A curated list of open-source projects containing protestware sourced from various platforms.

A tool to fuzz query strings and identify vulnerabilities.