The Yaralyzer is a new tool for visualizing / force decoding YARA and regular expression matches in binary and text

This page summarizes the projects mentioned and recommended in the original post on /r/Malware

  • yaralyzer

    Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

  • Long story short I ended up realizing that I could use YARA as a generic backend matching engine to locate these and other byte patterns and a couple of python libraries to try to detect the character encoding and/or force encodings of my choice upon the matched bytes. I ended up extracting the binary regex/YARA match/force decode part of The Pdfalyzer into a new tool that just does the matching/decoding part, which I called The Yaralyzer.

  • pdfalyzer

    Analyze PDFs. With colors. And Yara.

  • A few weeks ago I made a post here about a PDF that evaded all malware detection and caused a security breach, almost certainly through PDF instructions hidden inside of an Adobe Type1 Font binary stream embedded within a PDF. At the time I posted a link to a tool I wrote called The Pdfalyzer that diagrams a PDF's internals and scans for various suspect content.

  • CyberChef

    The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

  • I think you could do a lot of this with CyberChef

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
