#yararules — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #yararules, aggregated by home.social.
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).
1. --export-png images lets you export images of the analysis
2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file
3. couple of small bug fixes and debugging related command line options
You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules
-
Paranoya: A simple IOC and Yara scanner for Linux
Check ✅️ it out:
https://github.com/c0m4r/paranoya -
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.
someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.
https://universeodon.com/@cryptadamist/113642071681749608
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.
someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.
https://universeodon.com/@cryptadamist/113642071681749608
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.
someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.
https://universeodon.com/@cryptadamist/113642071681749608
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
-
YaraGuard - a static malware analysis tool that uses YARA rules as it's core
Check it out 🔥🔥:
https://github.com/RootMiner/YaraGuard -
just pushed a new release of The Yaralyzer, my unexpectedly popular tool for visually inspecting the output of #YARA scans with a lot of colors. example output below. change is small: it can now use a directory full of YARA rules files without renaming them all to end in .yara.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)someone has packaged this tool for Kali Linux though I don't know if it's in the distro yet. also available for macOS homebrew via an installer someone made for The Pdfalyzer.
Thomas Roccia at #Microsoft was also kind enough to make The Yaralyzer available via a web interface: https://x.com/fr0gger_/status/1749690000478974283
#malware #infosec #cybersecurity #kali #KaliLinux #YARArules #malwaredetection #threathunting #reverseEngineering #malwareAnalysis #reversing #yaralyze #yaralyzer #pdfalyze #detectionengineering
-
Community Generated Yara Rules for detection of malware families
https://github.com/harryeetsource/yara_rules#cybersecurity #infosec #yararules #malwaredetection #threathunting #malware #infosec
-
🚀 Take your malware analysis to the next level with radare2! This script: 🔍 Extracts critical stack strings from binaries ⚙️ Automatically generates custom YARA rules to match malicious patterns 🔐 Seamlessly integrates reverse engineering with detection capabilities.
📅 November 8-9 📍 Barcelona UPC - Edifici Vèrtex
Grab your ticket for #r2con2024 while they last! 📷 https://rada.re/con/2024/ Don't miss out! @pancake @radareorg
#radare2 #MalwareAnalysis #YARArules #ReverseEngineering #CyberSecurity -
I am also using it to write down some articles even if it is for my own future reference, starting with a walkthrough of the Yara room.
-
Malbuzz a malware analysis tool for querying malware samples and Yara rules
-
I am looking for Yara rules to check for malware in PDF, images and office files.
I thought it would be easy to find a repository with such rules, as I am sure I
am not the only one scanning these kind of files. So far I found this:
https://github.com/Yara-Rules/rules
There are repositories pointing to other repositories (like https://github.com/InQuest/awesome-yara)
but none of them seem to be up to date nor have many rule files.
I would expect such a repository to contain thousends of Yara files...Does such a public repository exist?
Is Yara not in use anymore? Many repositories seem abandoned.
I have the feeling that I am missing something... -
Detect Nokoyawa ransomware With YARA Rule.
https://malgamy.github.io/malware-analysis/Nokoyawa/
#yararules #ransomware #malwareanalysis #threatdetection #threathunting #threatintel #infosec #cybersecurity
-
@malwaretech #ffs add enough spaces, and their #yaraRules don’t work.
-
Trying to see if I can get the AI to collapse in on itself.
-
YaraDbg is a free web-based Yara debugger to help security analysts to write hunting or detection rules with less effort and more confidence.
- by @DissectMalware