Yara-Java
Does not require yara to be deployed (embeds all needed native dependencies). Supports two modes of operation: External: yara binary extracted and executed as a child process, Embedded: yara jnilib runs embedded in the java process. Rules can be loaded as strings, files or archives; for archives will recursively look for and load all yara rule files. Matches are returned with identifier, metadata, and tags. Negate, timeout, and limit supported. Support yara 4.0.2 -- 2021/1/17. How to build: Get and build yara source code. Example (building from 4.0.2 version): git clone https://github.com/virustotal/yara.git cd yara git checkout tags/v4.0.2 ./bootstrap.sh ./configure --enable-shared --without-crypto CFLAGS=-fPIC make Get and build yara-java. Example (in 'yara' folder): git clone https://github.com/p8a/yara-java.git cd yara-java mvn clean install Usage and examples: See the unit tests. Notes: After you successfully added some sources you can get the compiled rules using the yr_compiler_get_rules() function. You'll get a pointer to a YR_RULES structure which can be used to scan your data as described in Scanning data. Once yr_compiler_get_rules() is invoked you can not add more sources to
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Scan files for viruses and malware with language-agnostic REST API
Automatically redirect users from www to non-www for a secure connection.
Automatic tool for pentesting XSS attacks against different applications
An open-source web application security scanner framework that identifies vulnerabilities in web applications.
Runtime application security platform that provides vulnerability management, patching, and threat detection at the application level during program execution.
Falco is a cloud native runtime security tool for Linux operating systems that detects and alerts on abnormal behavior and potential security threats in real-time.
A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.
An ASPM platform that provides software supply chain security through risk assessment, prioritization, and protection mechanisms.
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.