Sophos AI YaraML Rules Repository

A simple framework for extracting actionable data from Android malware

YaraML: A Tool for Automatic Yara Rule Generation

YaraML is a tool that automatically generates Yara rules from training data. It does this by translating scikit-learn logistic regression and random forest binary classifiers into the Yara language. Simply provide YaraML with a directory containing malware files and another directory with benign files, regardless of their format. The tool will extract substring features, refine your feature space, train a model, and then 'compile' the model into a textual Yara rule. To understand what this process looks like, refer to the logistic regression Powershell detector generated by YaraML, which is provided below.

Other AI Tools

Proxmark 3

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.

Details

Preparing for Red Team at PRCCDC 2015

Emulates Docker HTTP API with event logging and AWS deployment script.

Details

Practical Guide to NTLM Relaying in 2017

FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.

Details

Project Zero iPhone Messaging Tools

MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.

Details

Projectdiscovery.io | Chaos

FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.

Details