Sophos AI YaraML Rules Repository

A simple framework for extracting actionable data from Android malware

YaraML is a tool that

YaraML is a tool that automatically generates Yara rules from training data by translating scikit-learn logistic regression and random forest binary classifiers into the Yara language. Give YaraML a directory of malware files and a directory of benign files of any format and it'll extract substring features, downselect your feature space, train a model, and then "compile" the model and return it as a textual Yara rule. To get a feel for what this looks like, see the logistic regression Powershell detector generated by YaraML and given below.

Other AI Tools

Proxmark 3

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang for efficient and secure communication.

Details

Visit site

Preparing for Red Team at PRCCDC 2015

Emulates Docker HTTP API with event logging and AWS deployment script.

Details

Visit site

Practical Guide to NTLM Relaying in 2017

FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.

Details

Visit site

Project Zero iPhone Messaging Tools

MiniCPS is a framework for Cyber-Physical Systems real-time simulation with support for physical process and control devices simulation, and network emulation.

Details

Visit site

Projectdiscovery.io | Chaos

FOCA is a tool used to find metadata and hidden information in scanned documents, with capabilities to analyze various file types and extract EXIF information.

Details

Visit site