yarAnalyzer Logo

yarAnalyzer

0
Free
Visit Website

yarAnalyzer creates statistics on a yara rule set and files in a sample directory. Place some signatures with .yar extension in the 'signatures' folder and then run yarAnalyzer on a certain sample directory like: yarAnalyzer.py -p /sample/path -s /signatures. It will generate two tables as command line output and two CSV files (yaranalyzer_file_stats.csv, yaranalyzer_rule_stats.csv). A new feature is the inventory creation. yarAnalyzer.py --inventory -s /signatures. This will create a CSV file named yara-rule-inventory.csv (default, set with '-o') with information about the initialized rules (Rule File;Rule Name;Description;Reference). Screenshots, Rule Statistics, File Statistics, CSV Output in Excel.

FEATURES

ALTERNATIVES

Python APIs for serializing and de-serializing STIX2 JSON content with higher-level APIs for common tasks.

Scan files or process memory for Cobalt Strike beacons and parse their configuration.

QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.

A container of PCAP captures mapped to the relevant attack tactic

MISP is an open source threat intelligence platform that enhances threat information sharing and analysis.

C# wrapper around Yara pattern matching library with Loki and Yara signature support.

YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.

Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.