Yaraprocessor Logo

Yaraprocessor

0
Free
Visit Website

Yaraprocessor is a tool that allows for scanning data streams in unique ways, supporting scanning in discrete chunks with overlapping or disjoint options based on the 'processing_mode' selected. Originally written for Chopshop, it enables dynamic scanning of payloads from network packet captures, making writing signatures easier by operating on individual packet payloads or concatenations of payloads.

FEATURES

ALTERNATIVES

A Python script that converts shellcode into a PE32 or PE32+ file.

Krakatau provides an assembler and disassembler for Java bytecode, supporting conversion, creation, examination, comparison, and decompilation of Java binaries.

A static analysis tool for PE files that detects malicious behavior and provides information for manual analysis.

Andromeda makes reverse engineering of Android applications faster and easier.

A tutorial on setting up a virtual ARM environment, reversing ARM binaries, and writing basic exploits for ARM using the trafman challenge of rwthCTF as an example.

PLASMA is an interactive disassembler with support for various architectures and formats, offering a Python API for scripting.

YARA module for supporting DCSO format bloom filters with hashlookup capabilities.

A tool for searching a Git repository for interesting content