Yara_fn IDAPython script Logo

Yara_fn IDAPython script

0
Free
Visit Website

A YARA rule generator for IDA Pro that matches basic blocks of the current function. It masks out relocation bytes and ignores jump instructions. If python-yara is installed, it validates that the generated rule matches at least one segment in the current file.

FEATURES

ALTERNATIVES

A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.

Identifies 137 malicious npm packages and gathers system information to a remote server.

A collaborative malware analysis framework with various features for automated analysis tasks.

A tool to locally check for signs of a rootkit with various checks and tests.

Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images with security and Python 2.7 deprecation notices.

Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

Studying Android malware behaviors through Information Flow monitoring techniques.

Python wrapper for Android APK decompilation with various converter and decompiler options.