Screenshots

Example Usage

pipx install yaralyzer

# Scan against YARA definitions in a file:
yaralyze --yara-rules /secret/vault/sigmunds_malware_rules.yara lacan_buys_the_dip.pdf

# Scan against an arbitrary regular expression:
yaralyze --regex-pattern 'good and evil.*of\s+\w+byte' --regex-modifier wide the_crypto_archipelago.exe

# Scan against an arbitrary YARA hex pattern
yaralyze --hex-pattern 'd0 93 d0 a3 d0 [-] 9b d0 90 d0 93' one_day_in_the_life_of_ivan_cryptosovich.bin

See also

Bulk Extractor

Open Source Kali

Scans a disk image, file, or directory and extracts features such as email addresses, URLs, credit c…

Frida

Open Source Kali

Dynamic instrumentation toolkit for developers, reverse engineers, and security researchers. Injects…

AndKittyInjector

Open Source

Inject a shared library into a process using ptrace…

Ghidra

Open Source Kali

NSA-developed software reverse engineering suite. Features a disassembler, decompiler, scripting (Ja…

Binwalk

Open Source Kali

Firmware analysis tool for searching, extracting, and analyzing binary images. Identifies embedded f…

NTRGhidra

Open Source

A Nintendo DS binary loader for Ghidra…