For when your malware samples are stored compressed, but you still want to run rules against them. Currently supports: GZip, BZip2, LZMA (XZ). Modules used: Go-Yara: https://github.com/hillu/go-yara, XZ: https://github.com/ulikunitz/xz. Motivation: I've had to test Yara rules with compressed malware on systems with or without Yara installed. Compiled statically against libyara for ease of use. Currently runs a rule file against a directory of files. Future thoughts: Support for files in Zip and Tar archives, password-protected Zip and 7z files, and testing common passwords.
FEATURES
SIMILAR TOOLS
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
A collaborative malware analysis framework with various features for automated analysis tasks.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A sandbox for quickly sandboxing known or unknown families of Android Malware
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.