Yara-Scanner
Yara-Scanner is a Python-based extension that integrates a Yara scanner into Burp Suite. It allows you to perform on-demand Yara scans of websites within the Burp interface, based on custom Yara rules that you write or obtain. Example use cases include scanning spidered sites for obfuscated Javascript or specific string patterns of interest present in any part of a request or response. Tested with Yara 3.4 in Burp Suite Free and Pro versions 1.6.3x on Windows 7 and 10, and Kali 2.0. Prerequisites: Jython standalone JAR file and Yara binary (3.4).
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A tool for scanning Adobe Experience Manager instances for potential security vulnerabilities
WordPress security scanner for identifying vulnerabilities in WordPress websites.
A tool that detects dangling DNS records in a multi-cloud environment to prevent subdomain takeovers.
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A vulnerability scanner that helps you identify and fix vulnerabilities in your code
A presentation about the OWASP Top 10, a list of the most critical security risks to web applications.
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.