Example Usage
usage: yarGen.py [-h] [-m M] [-y min-size] [-z min-score] [-x high-scoring]
                 [-w superrule-overlap] [-s max-size] [-rc maxstrings]
                 [--excludegood] [-o output_rule_file] [-e output_dir_strings]
                 [-a author] [-r ref] [-l lic] [-p prefix] [-b identifier]
                 [--score] [--strings] [--nosimple] [--nomagic] [--nofilesize]
                 [-fm FM] [--globalrule] [--nosuper] [--update] [-g G] [-u]
                 [-c] [-i I] [--dropzone] [--nr] [--oe] [-fs size-in-MB]
                 [--noextras] [--debug] [--trace] [--opcodes] [-n opcode-num]

yarGen

optional arguments:
  -h, --help            show this help message and exit

Rule Creation:
  -m M                  Path to scan for malware
  -y min-size           Minimum string length to consider (default=8)
  -z min-score          Minimum score to consider (default=0)
  -x high-scoring       Score required to set string as 'highly specific
                        string' (default: 30)
  -w superrule-overlap  Minimum number of strings that overlap to create a
                        super rule (default: 5)
  -s max-size           Maximum length to consi
See also

Ultimate-RAT-Collection (Free): For educational purposes only, exhaustive samples of 500+ classic/modern trojan builders including s…
pe-sieve (Open Source): Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/in…
SingleFileExtractor (Open Source): A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a…
htmldate (Open Source): Fast and robust date extraction from web pages, with Python or on the command-line…
volatility3 (Free): Volatility is the world's most widely used framework for extracting digital artifacts from volatile …
Autopsy (Open Source): Digital forensics platform and graphical interface to The Sleuth Kit. Features timeline analysis, ke…