Example Usage
usage: yarGen.py [-h] [-m M] [-y min-size] [-z min-score] [-x high-scoring]
                 [-w superrule-overlap] [-s max-size] [-rc maxstrings]
                 [--excludegood] [-o output_rule_file] [-e output_dir_strings]
                 [-a author] [-r ref] [-l lic] [-p prefix] [-b identifier]
                 [--score] [--strings] [--nosimple] [--nomagic] [--nofilesize]
                 [-fm FM] [--globalrule] [--nosuper] [--update] [-g G] [-u]
                 [-c] [-i I] [--dropzone] [--nr] [--oe] [-fs size-in-MB]
                 [--noextras] [--debug] [--trace] [--opcodes] [-n opcode-num]

yarGen

optional arguments:
  -h, --help            show this help message and exit

Rule Creation:
  -m M                  Path to scan for malware
  -y min-size           Minimum string length to consider (default=8)
  -z min-score          Minimum score to consider (default=0)
  -x high-scoring       Score required to set string as 'highly specific
                        string' (default: 30)
  -w superrule-overlap  Minimum number of strings that overlap to create a
                        super rule (default: 5)
  -s max-size           Maximum length to consi
See also
byvalver
Free
Takes shellcode bad-bytes and banishes them, returning cleaned shellcode with preserved functionalit…
joincap
Open Source
Merge multiple pcap files together, gracefully.…
SingleFileExtractor
Open Source
A tool for extracting contents (assemblies, configuration, etc.) from a single-file application to a…
aparoid
Free
Static and dynamic Android application security analysis…
Autopsy
Open Source
Digital forensics platform and graphical interface to The Sleuth Kit. Features timeline analysis, ke…
Meerkat
Open Source
A collection of PowerShell modules designed for artifact gathering and reconnaissance of Windows-base…