Yara Decompressor
For when your malware samples are stored compressed, but you still want to run rules against them. Currently supports: GZip, BZip2, LZMA (XZ). Modules used: Go-Yara: https://github.com/hillu/go-yara, XZ: https://github.com/ulikunitz/xz. Motivation: I've had to test Yara rules with compressed malware on systems with or without Yara installed. Compiled statically against libyara for ease of use. Currently runs a rule file against a directory of files. Future thoughts: Support for files in Zip and Tar archives, password-protected Zip and 7z files, and testing common passwords.
FEATURES
SIMILAR TOOLS
VxSig is a tool to automatically generate AV byte signatures from similar binaries.
Generate Yara rules from function basic blocks in x64dbg.
An online hash checker utility that retrieves information from various online sources, including Virustotal, HybridAnalysis, and more.
angr is a Python 3 library for binary analysis with various capabilities like symbolic execution and decompilation.
Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.
Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.