Yara_fn IDAPython script Logo

Yara_fn IDAPython script

0
Free
Visit Website

A YARA rule generator for IDA Pro that matches basic blocks of the current function. It masks out relocation bytes and ignores jump instructions. If python-yara is installed, it validates that the generated rule matches at least one segment in the current file.

FEATURES

ALTERNATIVES

YARA extension for Visual Studio Code with code completion and snippets

A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.

Yabin creates Yara signatures from malware to find similar samples.

Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.

Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.

Standalone graphical utility for viewing Java source codes from ".class" files.

A de-obfuscator for M/o/Vfuscator, a notorious obfuscator, designed to reverse the effects of M/o/Vfuscator's obfuscation.

Python wrapper for Android APK decompilation with various converter and decompiler options.