I’ve been working in cybersecurity for more than 10 years. During my career I’ve held numerous roles that had me facing many problems: I had to solve technical issues as well as management, economic and financial ones. Every time I needed a “tool” to support a decision or to answer a technical question, I started by searching “sourceforge/github” for something that would fit my needs. If what I needed wasn’t there, I built it on my own using what was available at the time. Today those tools are still producing data which I believe might be useful to many people. Today I’d like to introduce you to a simple but interesting malware catching tool based on static YARA rules that is available HERE.
It takes sample feeds and analyses them against hundreds of YARA rules. Some of them are publicly available; others I have written myself. The engine is quite slow right now, but it has analysed several recent samples. You can dig into the last processed samples by clicking on a table row (the table highlights the last 10 processed samples), or search for a specific hash by pasting your desired sha256 and clicking the “Search” button. Either way, a modal form will appear showing the rules that match the hash you asked for. Since it’s a personal platform, it could be quite slow so far. Hope you enjoy it! Have fun.