YarG for Yara Logo

YarG for Yara

0
Free
Application Security
ida
yara
plugin
rule-generation
x86
Visit Website

Yet another rule generator for Yara IDAPython plugin for generating whole Yara rules/patterns from x86/x86-64 code. Operation called 'parameterization' applies to selected code/function. This operation finds alternatives for any possible operands and creates a pattern based on that information. Tested on IDA 7.5+. Installation: Copy the plugin to your IDA_HOME/plugins folder and install dependencies using 'pip install capstone tabulate plyara'. According to the Intel manual, an instruction has the following structure: Instruction prefix, Opcode, Mod R/M, SIB, Displacement, Immediate value. The plugin parameterizes the REX prefix as '4?' and creates candidates for Mod R/M positions based on fixed Mod, Reg, and R/M settings. It generates 4 types of patterns: Mod | ??? | ???, Mod | REG | ???, Mod | REG | R/M, Mod | ??? | R/M.

FEATURES

ALTERNATIVES

Naxsi Logo
Naxsi

A third-party Nginx module that prevents common web attacks by reading a small subset of simple rules containing 99% of known patterns involved in website vulnerabilities.

Free
Application Security
Joint Advanced Application Defect Assessment for Android Application (JAADAS) Logo
Joint Advanced Application Defect Assessment for Android Application (JAADAS)

JAADAS is a powerful tool for static analysis of Android applications, providing features like API misuse analysis and inter-procedure dataflow analysis.

Free
Application Security
The Update Framework (TUF) Logo
The Update Framework (TUF)

A tool for secure content publishing and verification using offline signing and trusted collections.

Free
Application Security
Blankie Logo
Blankie

A CSP plugin for hapi with per-route configuration options.

Free
Application Security
headi Logo
headi

A tool for automated HTTP header injection

Free
Application Security
Codacy Logo
Codacy

A developer-first, API-driven platform that provides development teams with a suite of tools to improve code quality, security, and engineering performance, seamlessly integrated into their existing development workflows.

Commercial
Application Security
The Matasano Crypto Challenges Logo
The Matasano Crypto Challenges

A set of 48 practical programming exercises in cryptography and application security

Free
Application Security
GoLinkFinder Logo
GoLinkFinder

A fast and minimal JS endpoint extractor

Free
Application Security

PINNED

Fabric Platform by BlackStork Logo

Fabric Platform by BlackStork

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

Free
Security Operations
Mandos Brief Newsletter Logo

Mandos Brief Newsletter

Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.

Free
Blogs and News
Wiz Logo

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Commercial
Cloud Security
Adversa AI Logo

Adversa AI

Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.

Commercial
AI Security
CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Copyright © 2024 - All rights reserved

LINKS
Blog
LEGAL
Terms of servicesPrivacy policy