
Yaraprocessor

Free

Yaraprocessor is a tool for scanning data streams in discrete chunks, which can be overlapping or disjoint depending on the 'processing_mode' selected. Originally written for Chopshop, it enables dynamic scanning of payloads from network packet captures, and it makes writing signatures easier because rules can operate on individual packet payloads or on concatenations of payloads.


ALTERNATIVES

A program to manage yara ruleset in a database with support for different databases and configuration options.

A native Python cross-version decompiler and fragment decompiler.

A Linux process injection tool that injects shellcode into a running process

A modified version of Cuckoo Sandbox with enhanced features and capabilities.

Microservice for scanning files with Yara

A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

Tplmap is a tool for detecting and exploiting server-side template injection vulnerabilities.

Repository of YARA rules for Trellix ATR blogposts and investigations
