Category: Yara




Black Window 10 v2

Black Window Enterprise 10, codename: Polemos. Black Window 10 Enterprise is the first Windows-based penetration testing distribution with Linux integrated! The system comes activated with a digital license for Windows Enterprise! It supports Windows apps and Linux apps, GUI and terminal apps! It comes with a ton of hacking tools plus all the tools that are included with the latest release of Cerberus Linux! It has managed to implement Cerberus OS within Windows. Offers the stability of a Windows system…


Fnord – Pattern Extractor For Obfuscated Code

Fnord is a pattern extractor for obfuscated code. Description: Fnord has two main functions: extract byte sequences and create some statistics; and use these statistics, combining length, number of occurrences, similarity and keywords, to create a YARA rule. 1. Statistics: Fnord processes the file with a sliding window of varying size to extract all sequences with a minimum length -m X (default: 4) up to a maximum length -x X (default: 40). For each length, Fnord will present the most frequently occurring sequences -t X (default: 3) in a table. Each…


FindYara – IDA Python Plugin To Scan Binary With Yara Rules

Use this IDA Python plugin to scan your binary with YARA rules. All the YARA rule matches will be listed with their offset so you can quickly hop to them! All credit for this plugin and the code goes to David Berard (@p0ly). This plugin is copied from David's excellent findcrypt-yara plugin. This plugin just extends his to use any YARA rule. Installation: Install yara-python. Using pip: pip install yara-python. Other methods: to your IDA "plugins" directory. Watch the tutorial video! Usage: Launch the plugin. The plugin can…


Drltrace – A Library Calls Tracer For Windows And Linux Applications

Drltrace is a dynamic API calls tracer for Windows and Linux applications designed primarily for malware analysis. Drltrace is built on top of the DynamoRIO dynamic binary instrumentation framework. The release build can be downloaded here. Usage: The usage of drltrace is very simple. A user needs to specify a log directory and the name of a target process in the following way: drltrace -logdir . -- calc.exe That’s all; the tool will inject the required DLLs into the target process, start instrumentation and in parallel will log information about…


Masc – A Web Malware Scanner

A malware (web) scanner developed during CyberCamp Hackathon 2017. Features: At the moment, there are some features available for any type of website (custom or CMS) and some of them only available for specific platforms: scan any website for malware using OWASP WebMalwareScanner checksum, YARA rules databases and ClamAV engine (if available); perform some cleaning operations to improve website protection; monitor the website for changes (details are written in a log file); scan your site to know if it has been infected with some malware; list your local backups; logging support; Backup your…


Mquery – YARA Malware Query Accelerator (Web Frontend)

Ever had trouble searching for particular malware samples? This project is an analyst-friendly web GUI to look through your digital warehouse. mquery can be used to search through terabytes of malware in the blink of an eye. Thanks to the UrsaDB database, queries on large datasets can be extremely fast. How does it work? YARA is pretty fast, but searching through a large dataset for a given signature can take a lot of time. To counter this, we have implemented a custom database called UrsaDB. It is able to pre-filter the…


Rastrea2R – Collecting & Hunting For IOCs With Gusto And Style

Ever wanted to turn your AV console into an Incident Response & Threat Hunting machine? Rastrea2r (pronounced "rastreador", "hunter" in Spanish) is a multi-platform open source tool that allows incident responders and SOC analysts to triage suspect systems and hunt for Indicators of Compromise (IOCs) across thousands of endpoints in minutes. To parse and collect artifacts of interest from remote systems (including memory dumps), rastrea2r can execute Sysinternals, system commands and other 3rd party tools across multiple endpoints, saving the output to a…


MalPipe – Malware/IOC Ingestion And Processing Engine

MalPipe is a modular malware (and indicator) collection and processing framework. It is designed to pull malware, domains, URLs and IP addresses from multiple feeds, enrich the collected data and export the results. At this time, the following feeds are supported: VirusTotal, MalShare, BambenekFeeds, Malc0deIPList, NoThinkIPFeeds, TorNodes. Getting Started: These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system. Installing. Deployment…


MalScan – A Simple PE File Heuristics Scanner

MalScan is a simple PE file heuristics scanner written in Python that you can use to quickly analyze a PE file and find out whether anything suspicious exists. It is a simple tool, so it doesn't offer many fancy features. You are free to extend it or do whatever you want with it. Things Supported: information about the file such as MD5, SHA1, Timestamp; PEiD Signature Check; Custom Yara Rules Integration; Section, Imports, Exports, Resources and TLS Callbacks Overview; provides some custom heuristics :-) Installing: You need to have Python 2.7 installed on your…