Yaraprocessor is a tool for scanning data streams in unique ways. Depending on the 'processing_mode' selected, it scans the data in discrete chunks that are either overlapping or disjoint. Originally written for Chopshop, it enables dynamic scanning of payloads from network packet captures and makes signatures easier to write by operating on individual packet payloads or on concatenations of payloads.
SIMILAR TOOLS
A program to manage YARA rulesets in a database, with support for different databases and configuration options.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
A static analysis tool for PE files that identifies potential malicious indicators through compiler detection, packing analysis, signature matching, and suspicious string identification.
Code to prevent a managed .NET debugger/profiler from working.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.