michel_cryptadamus, Posted November 6, 2022

Yaralyzer - Visually inspect and force decode YARA and regex matches found in both binary and text data.

Pdfalyzer - Analyze PDFs and diagram their internals. With colors. And YARA.

I wrote The Pdfalyzer after a recent security incident traced to a malicious PDF (which, BTW, no one seems to have fully understood yet, even though the cybersecurity/malware folks I've talked to from reddit and Twitter seem to agree with my conclusion that the PDF was malicious) prompted my first deep dive into cybersecurity beyond the kind of stuff one might need to be a competent technology worker. At a certain point I realized the YARA pattern matching/decoding/visualizing part of that tool might be useful on its own for a sort of initial high-level look at suspicious binaries, so I extracted it into a separate tool (The Yaralyzer).

These were my first contributions to the cybersecurity open source landscape, and they were kind of surprisingly well received (to me, anyways) - various #cybersec accounts were tweeting The Yaralyzer even before I managed to tweet about it myself, and now The Yaralyzer seems to be scheduled to be added to the standard Kali Linux distro in the near future. It was nice to at least confirm that I wasn't just wasting my time recreating some other tool's functionality.