Yara Decompressor

Free

For when your malware samples are stored compressed, but you still want to run rules against them.

Currently supports: GZip, BZip2, LZMA (XZ).

Modules used:
Go-Yara: https://github.com/hillu/go-yara
XZ: https://github.com/ulikunitz/xz

Motivation: I've had to test Yara rules with compressed malware on systems with or without Yara installed. Compiled statically against libyara for ease of use. Currently runs a rule file against a directory of files.

Future thoughts: Support for files in Zip and Tar archives, password-protected Zip and 7z files, and testing common passwords.

ALTERNATIVES

A blind SQL injection tool written in Golang

A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.

A tool that reveals invisible links within JavaScript files

Largest open collection of Android malware samples, with 298 samples and contributions welcome.

A detailed analysis of malicious packages and how they work

A library for running basic functions from stripped binaries cross platform.

A tool for malware analysts to search through base64-encoded samples and generate yara rules.

A collection of Yara rules for detecting malware evasion techniques
