Released v1.3.3. of #Yaralyzer, my surprisingly popular tool for visualizing YARA rule matches with colors (a lot of colors).

1. --export-png images lets you export images of the analysis

2. almost all command line options (including multi argument ones like --yara-rules-dir) can be permanently set via environment variables or .yaralyzer file

3. couple of small bug fixes and debugging related command line options

You can try it on the web here: https://yaratoolkit.securitybreak.io/
(I didn't build this website, Thomas Roccia from Microsoft just integrated Yaralyzer into his existing site)

- Github: https://github.com/michelcrypt4d4mus/yaralyzer
- Pypi: https://pypi.org/project/yaralyzer/
- on macOS you can also get it with #Homebrew by installing Pdfalyzer: brew install pdfalyzer

#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #GPL #hacking #infosec #KaliLinux #maldoc #malware #malwareAnalysis #malwareDetection #openSource #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #YARA #YARArule #YARArules

Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.

* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.

https://universeodon.com/@cryptadamist/114768170683991686

#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.

someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.

https://universeodon.com/@cryptadamist/113642071681749608

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

just pushed a new release of The Yaralyzer, my unexpectedly popular tool for visually inspecting the output of #YARA scans with a lot of colors. example output below. change is small: it can now use a directory full of YARA rules files without renaming them all to end in .yara.

* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)

someone has packaged this tool for Kali Linux though I don't know if it's in the distro yet. also available for macOS homebrew via an installer someone made for The Pdfalyzer.

Thomas Roccia at #Microsoft was also kind enough to make The Yaralyzer available via a web interface: https://x.com/fr0gger_/status/1749690000478974283

#malware #infosec #cybersecurity #kali #KaliLinux #YARArules #malwaredetection #threathunting #reverseEngineering #malwareAnalysis #reversing #yaralyze #yaralyzer #pdfalyze #detectionengineering