yarAnalyzer

Free

yarAnalyzer creates statistics on a YARA rule set and the files in a sample directory. Place some signatures with the .yar extension in the 'signatures' folder, then run yarAnalyzer against a sample directory, for example: yarAnalyzer.py -p /sample/path -s /signatures. It generates two tables as command-line output and two CSV files (yaranalyzer_file_stats.csv, yaranalyzer_rule_stats.csv). A new feature is inventory creation: yarAnalyzer.py --inventory -s /signatures. This creates a CSV file named yara-rule-inventory.csv (the default; set with '-o') with information about the initialized rules (Rule File;Rule Name;Description;Reference).

ALTERNATIVES

A parsing tool for Yara Scan Service's JSON output file to help maximize benefits and automate parsing of Yara Scan Service results.

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

A tool for extracting IOCs from various input sources and converting them into JSON format.

In-depth analysis of real-world attacks and threat tactics

An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.

A cybersecurity tool with online demo, mailing list, and multiple installation methods.

A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol, with a focus on incident handling automation and threat intelligence processing.
