fun blog post from @mjg59 wherein he used my #Pdfalyzer tool to bust his landlord for modifying the terms of his rental contract after he signed it.
fun blog post from @mjg59 wherein he used my #Pdfalyzer tool to bust his landlord for modifying the terms of his rental contract after he signed it.
Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
Just released version 1.16.8 of The Pdfalyzer with a bunch of new and updated #YARA rules to scan #PDF files for malicious content. Links in the quoted toot below.
https://universeodon.com/@cryptadamist/114768170683991686
#ascii #asciiArt #blueteam #cybersecurity #detectionEngineering #DFIR #forensics #FOSS #hacking #homebrew #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdf #pdfs #pdfalyzer #pypi #python #redteam #reverseEngineering #reversing #Threatassessment #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.
someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.
https://universeodon.com/@cryptadamist/113642071681749608
#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
@evacide seeing as how it seems like the Paragon attack was executed via maldoc PDFs i'll just mention i created a (surprisingly popular) tool for analyzing (possibly malicious) PDFs after my own unpleasant encounter with such a creature
https://github.com/michelcrypt4d4mus/pdfalyzer
#paragon #infosec #Whatsapp #PDF #pdfalyzer #Malware #maldoc
just pushed a new release of The Yaralyzer, my unexpectedly popular tool for visually inspecting the output of #YARA scans with a lot of colors. example output below. change is small: it can now use a directory full of YARA rules files without renaming them all to end in .yara.
* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)
someone has packaged this tool for Kali Linux though I don't know if it's in the distro yet. also available for macOS homebrew via an installer someone made for The Pdfalyzer.
Thomas Roccia at #Microsoft was also kind enough to make The Yaralyzer available via a web interface: https://x.com/fr0gger_/status/1749690000478974283
#malware #infosec #cybersecurity #kali #KaliLinux #YARArules #malwaredetection #threathunting #reverseEngineering #malwareAnalysis #reversing #yaralyze #yaralyzer #pdfalyze #detectionengineering