
yarGen

Free

yarGen is a generator for YARA rules. Its main principle is to create YARA rules from strings found in malware files while removing all strings that also appear in goodware files. yarGen includes a large goodware strings and opcode database, shipped as ZIP archives that have to be extracted before first use. Version 0.24.0 introduces an output option (--ai) that generates a YARA rule with an expanded set of strings and includes instructions tailored for an AI. Activating the --ai flag appends the instruction text to the yargen_rules.yar output file, which can then be fed into your AI for processing. With version 0.23.0, yarGen was ported to Python 3; if you need a version that runs on Python 2, use a previous release. (Note that the download location for the pre-built databases has changed.)


ALTERNATIVES

A library of PHP unserialize() payloads and a tool to generate them.

ILSpy is the open-source .NET assembly browser and decompiler with various decompiler frontends and features.

PINCE is a front-end/reverse engineering tool for the GNU Project Debugger (GDB), focused on games, with CheatEngine-like value type support and memory searching capabilities.

A blind SQL injection tool written in Golang.

A tool to help exploit XXE vulnerabilities by sending a crafted XML file to the server and parsing it to extract the data.

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

Tool for decompressing malware samples to run Yara rules against them.

A tool for testing and exploiting Cross-Site Scripting (XSS) vulnerabilities.
