YARALYZER
Visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in binary data and/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start: - pipx install yaralyzer - Scan against YARA definitions in a file: yaralyze --yara-rules /secret/vault/sigmunds_malware_rules.yara lacan_buys_the_dip.pdf - Scan against an arbitrary regular expression: yaralyze --regex-pattern 'good and evil.*of\s+\w+byte' the_crypto_archipelago.exe - Scan against an arbitrary YARA hex pattern: yaralyze --hex-pattern 'd0 93 d0 a3 d0 [-] 9b d0 90 d0 93' one_day_in_the_life_of_ivan_cryptosovich.bin What It Do: See the actual bytes your YARA rules are matching. No more digging around copy/pasting the start positions reported by YARA into your favorite hex editor. Displays both the bytes matched by YARA as well as a configurable number of bytes before and after each match in hexadecimal and 'raw' python string representation. Do the same for byte patterns and regular expressions without writing a YARA file. If you're too lazy to write a YARA file but are trying to determine, say, whether the
FEATURES
ALTERNATIVES
A next-generation crawling and spidering framework for extracting data from websites
A command-line tool for creating hex dumps, converting between binary and human-readable representations, and patching binary files.
Open Backup Extractor is an open source program for extracting data from iPhone and iPad backups.
A library and tools to access and manipulate VMware Virtual Disk (VMDK) files.
A DFVFS backed viewer project with a WxPython GUI, aiming to enhance file extraction and viewing capabilities.
CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.
A Mac OS X forensic utility for ensuring correct forensic procedures during disk imaging.
XMLStarlet offers a suite of command line utilities for manipulating and querying XML documents.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.