Yara4Pentesters
A set of YARA rules for identifying files containing sensitive information
YARI - YARA Interactive

Interactive debugger for the YARA language written in Rust. The debugger calls libyara directly, avoiding emulation, to get the most accurate results.

🚀 Features:
- Call functions from modules
- Get the value of module constants
- Evaluate complex expressions
- Check the matches of strings
- Support for external variables
- Integration with YARA Language Server

For more information, check out:
- Blog post
- Wiki

Installation

To set up your environment, please follow the instructions from the YLS wiki.

Interactive shell

The binary accepts the same arguments as the original yara binary.

    λ yari /bin/sh
    >> elf.number_of_sections
    Integer(26)
    >>

License

Copyright (c) 2022 Avast Software, licensed under the MIT license. See the LICENSE file for more details.

YARI and its related projects use third-party libraries or other resources listed, along with their licenses, in the yari-sys/LICENSE-THIRD-PARTY file.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)
A tool for interacting with the MSBuild API, enabling malicious activities and evading detection.
Darkarmour is a Windows AV evasion tool that helps bypass antivirus software, allowing for the creation of undetectable malware.
RTA provides a framework of scripts for blue teams to test detection capabilities against malicious tradecraft, modeled after MITRE ATT&CK.
A blog post about bypassing AppLocker using PowerShell diagnostic scripts
MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.