mandiant / apooxml

Licence: other
Generate YARA rules for OOXML documents.

Programming Languages

python

apooxml

Generate YARA rules for OOXML documents using ZIP local header metadata. To learn more about this tool and the methodology behind it, check out the accompanying blog here.
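
The idea in the description above, sketched as an added example (not apooxml's own code): read each ZIP local file header of a document and turn its CRC-32, sizes and file name into a YARA hex string. Which header fields apooxml itself uses is not stated on this page, so the field choice, the function names and the constructed sample archive are assumptions.

```python
import io
import struct
import zipfile

# Fixed 30-byte ZIP local file header: signature, version, flags, method,
# mtime, mdate, CRC-32, compressed size, uncompressed size, name len, extra len.
LOCAL_HEADER = struct.Struct("<4sHHHHHIIIHH")


def hx(raw):
    return " ".join("%02X" % b for b in raw)


def local_headers(data):
    """Yield (name, crc32, csize, usize) read from each local file header."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        offsets = [info.header_offset for info in zf.infolist()]
    for off in offsets:
        fields = LOCAL_HEADER.unpack_from(data, off)
        sig, flags, crc, csize, usize, nlen = fields[0], fields[2], *fields[6:10]
        if sig != b"PK\x03\x04":
            raise ValueError("no local file header at offset %d" % off)
        if flags & 0x08:
            continue  # CRC/sizes deferred to a data descriptor: nothing to match
        yield data[off + 30:off + 30 + nlen], crc, csize, usize


def hex_string(name, crc, csize, usize):
    """Signature, 10 skipped bytes, CRC/sizes/name length, 2 skipped bytes, name."""
    meta = struct.pack("<IIIH", crc, csize, usize, len(name))
    return "{ 50 4B 03 04 [10] %s [2] %s }" % (hx(meta), hx(name))


def yara_rule(rule_name, data):
    lines = ["rule %s {" % rule_name, "    strings:"]
    for i, hdr in enumerate(local_headers(data)):
        lines.append("        $h%d = %s" % (i, hex_string(*hdr)))
    lines += ["    condition:", "        uint32(0) == 0x04034B50 and any of ($h*)", "}"]
    return "\n".join(lines)


def constructed_sample():
    """Constructed stand-in for an OOXML document (entries stored, not deflated)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/media/image1.png", b"\x89PNG constructed bytes")
    return buf.getvalue()
```

Calling yara_rule("constructed_ooxml_sample", constructed_sample()) returns the rule text. Entries written with general-purpose flag bit 3 set are skipped because their local header holds zeros in the CRC and size fields.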

Usage

➜ python3 apooxml.py -h
usage: apooxml.py [-h] [-a AUTHOR] [-n NAME] [-o OUT] sample

Generate YARA rules for OOXML documents.

positional arguments:
  sample                OOXML document to generate YARA rule from.

optional arguments:
  -h, --help            show this help message and exit
  -a AUTHOR, --author AUTHOR
                        YARA rule author.
  -n NAME, --name NAME  YARA rule name.
  -o OUT, --out OUT     YARA rule file name.