YARA IDA Processor

Free

Compiled YARA Rules Processor for IDA

Loader and processor for YARA's compiled rule format.

Installation: put the processor plugin in <IDA_INSTALL_DIR>\procs\ and the file loader in <IDA_INSTALL_DIR>\loaders\.

Requirements: IDA 7.0.

Tested versions: YARA 3.7.0, YARA 3.8.1.

License: MIT 2018.

ALTERNATIVES

Define and validate YARA rule metadata with CCCS YARA Specification.

Repository of TRISIS/TRITON/HatMan malware samples and decompiled sources targeting ICS Triconex SIS controllers.

A tool to embed XXE and XSS payloads in various file formats.

A fast and simple DOM-based XSS vulnerability scanner.

Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.

A script to detect and remove Canary Tokens with simple signature-based detections.

A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.

Generate Yara rules from function basic blocks in x64dbg.
