ida_yara

A library for running basic functions from stripped binaries cross platform.

ida_yara: A Python Script for Scanning IDB Data with Yara

ida_yara is a Python script designed to scan data within an IDB file using Yara.

The code replicates IDA's find_text and find_binary functions

The code replicates IDA's find_text and find_binary functions, allowing for efficient searching of text and binary data.

Creating a Yara Signature

This function generates a Yara signature based on the specified search parameters and their corresponding flags. Usage: This is similar to IDA's find_text and find_binary functions. Example: ida_yara.yara_find_text(start_ea, y, x, ustr, sflag=0) ida_yara.yara_find_binary(start_ea, ubinstr, radix=16, sflag=0) Search Flags: - SEARCH_UP: Searches upwards and returns a single match. - SEARCH_DOWN: Searches downwards and returns a single match. - SEARCH_UP|SEARCH_NEXT: Returns all matches above the effective address (ea), ordered from closest to furthest. - SEARCH_DOWN|SEARCH_DOWN: Returns all matches below the effective address (ea). - SEARCH_DOWN: Functions the same as SEARCH_DOWN. - SEARCH_UNICODE: Searches for Unicode characters.

Other AI Tools

PwnAuth

Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.

Details

Project Zero iPhone Messaging Tools

MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.

Details

Projectdiscovery.io | Chaos

FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.

Details