yextend is a software tool that extends Yara's capabilities by adding native support for handling archived content inflation. The tool automatically processes files that are compressed or archived within multiple layers of containers, extracting and inflating the content so that Yara can perform pattern matching on the underlying payload. When yextend encounters archived files, it recursively extracts content from nested archives and compressed files, passing each discovered resource to Yara for analysis against specified rule sets. This eliminates the need for manual extraction of archived content before running Yara scans. The tool integrates with existing Yara workflows while extending functionality to handle complex file structures where malicious content may be hidden within multiple layers of compression or archiving. yextend maintains compatibility with standard Yara rules and operates as an enhancement layer that preprocesses archived content before analysis.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
Falcon Sandbox is a malware analysis framework that provides in-depth static and dynamic analysis of files, offering hybrid analysis, behavior indicators, and integrations with various security tools.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.
A sandbox for quickly sandboxing known or unknown families of Android Malware
An open-source dynamic analysis framework that intercepts and monitors API calls in Android applications using the Android Substrate framework.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.