Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked Hyara: Yara rule making tool (IDA Plugin)


itsMe

Recommended Posts

This is the hidden content, please

Hyara is IDA Plugin that provides convenience when writing yard rules.

You can designate the start and end addresses to automatically create rules.

It was created based on GUI, and adding features and improvements are currently underway.

Features
Hyara start screen and 2 options

    When you run Hyara, it aligns to the right like the below picture and the output window is aligned to the left.
    Select/Exit button uses IDAViewWrapper api to get the clicked address in IDA View. After done, you have to press it again to finish.
    After specifying the address, press the “Make” button to show the specified hexadecimal or strings as a result.
    When you click “Save”, those results will be saved in the table below.
    Press “Export Yara Rule” to finally create the yararule using variables stored in the previous step.
    The comment option on the upper right side annotates the assemblies nicely.
    The wildcard option works but further development are still ongoing.

This is the hidden content, please

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.