home.social
Sign in Create account

#maldoc — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #maldoc, aggregated by home.social.

  1. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

    #yaralyzer #homebrew #ascii #asciiart #blueteam #cybersecurity
  2. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

    #yaralyzer #homebrew #ascii #asciiart #blueteam #cybersecurity
  3. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

    #yaralyzer #homebrew #ascii #asciiart #blueteam #cybersecurity
  4. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

    #yararules #yararule #yara #threathunting #threatassessment #reversing
  5. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

    1. --export-png images lets you export images of the analysis

    2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

    3. couple of small bug fixes and debugging related command line options

    You can try it on the web here: yaratoolkit.securitybreak.io/
    (I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

    - Github: github.com/michelcrypt4d4mus/y
    - Pypi: pypi.org/project/yaralyzer/
    - on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

    #ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

    #yaralyzer #homebrew #ascii #asciiart #blueteam #cybersecurity
  6. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    Released v1.17.0 of The Pdfalyzer, the surprisingly popular tool for analyzing (possibly malicious) PDFs I created after my own unpleasant experience. Now ships with two command line tools for extracting stuff from PDF files:

    1. extract_text_from_pdfs() - brute force extract all text from a PDF, including doing an #OCR extraction of any embedded images

    2. extract_pdf_pages() - rip a page range from a #PDF and write them to a new one

    * Github: github.com/michelcrypt4d4mus/p
    * Pypi: pypi.org/project/pdfalyzer/
    * Homebrew: formulae.brew.sh/formula/pdfal
    * Fun thread someone made last week using Pdfalyzer to explain some of how byzantine the PDF format is: x.com/VikParuchuri/status/1965

    #pypi #python #pdf #pdfs #malware #Threatassessment #maldoc #malwareanalysis #homebrew #infosec #cybersecurity #yararule #PdfFies

    #ocr #pdf #pypi #python #pdfs #malware
  7. ⚯ Michel de Cryptadamus ⚯ @[email protected] ·

    @evacide seeing as how it seems like the Paragon attack was executed via maldoc PDFs i'll just mention i created a (surprisingly popular) tool for analyzing (possibly malicious) PDFs after my own unpleasant encounter with such a creature

    github.com/michelcrypt4d4mus/p

    #paragon #infosec #Whatsapp #PDF #pdfalyzer #Malware #maldoc

    #paragon #infosec #whatsapp #pdf #pdfalyzer #malware