
YARA Silly Silly

Free

A handy semi-automatic tool (WIP) that helps malware analysts generate YARA rules from sample virus files, inspired by the DIFF function of the VirusTotal Premium Account. Python 3 is required. To set it up, clone the git repository and enter the folder, create and activate a virtual environment, and install ssdeep according to your OS. Run python yarasilly2.py --help to see all the options that can be passed to the application. The application's configuration is in the file config.ini in the root folder.


ALTERNATIVES

Holistic malware analysis platform with interactive sandbox, static analyzer, and emulation capabilities.

Generate Yara rules from function basic blocks in x64dbg.

Scan folders and files for crypto patterns, hacking team malware, and malicious documents using PEID signatures.

Debugger and .NET assembly editor with advanced debugging features.

Parse YARA rules into a dictionary representation.

YARA extension for Visual Studio Code with code completion and snippets.

A powerful tool for detecting and identifying malware using a rule-based system.

A .NET wrapper for libyara that provides a simplified API for developing tools in C# and PowerShell.