
yarGen

Free

yarGen is a generator for YARA rules. Its main principle is to create YARA rules from strings found in malware files while removing all strings that also appear in goodware files. yarGen includes a large goodware strings and opcode database, shipped as ZIP archives that have to be extracted before first use. In version 0.24.0, yarGen introduces an output option (--ai). This feature generates a YARA rule with an expanded set of strings and includes instructions tailored for an AI. Activating the --ai flag appends the instruction text to the yargen_rules.yar output file, which can then be fed into your AI for processing. With version 0.23.0, yarGen was ported to Python 3. If you'd like to use a version that runs on Python 2, try a previous release. (Note that the download location for the pre-built databases has changed.)


ALTERNATIVES

A payload creation framework for the retrieval and execution of arbitrary CSharp source code.

A web-based manager for YARA rules, allowing for storage, editing, and management of YARA rules.

ICSREF is a modular framework for automated reverse engineering of industrial control systems binaries.

Binwalk is a tool for analyzing, reverse engineering, and extracting firmware images with security and Python 2.7 deprecation notices.

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.

Assembler/disassembler for the dex format used by Dalvik, Android's Java VM implementation.

A command-line program for finding secrets and sensitive information in textual data and Git history.

A Python script for scanning data within an IDB using YARA.
