Skip to content

DMFR SECURITY

another security blog…

Reviews
About

Search for:

Category: 100 days of Yara

100 Days of YARA – Day 7: SHA256

On December 26, 2021December 24, 2021 By DanielIn 100 days of Yara2 Comments

Here is an example using the same approach outlined in the previous post about identifying MD5 constants, but applied to SHA256. I used OpenSSL's source code to determine these constants and re-arranged each constant into little-endian byte sequences: https://github.com/openssl/openssl/blob/master/crypto/sha/sha256.c rule sha256_constants { meta: description = "SHA256 constants" strings: $ = { 852c7292 } $ = …

Continue reading 100 Days of YARA – Day 7: SHA256

100 Days of YARA – Day 6: MD5

On December 25, 2021December 23, 2021 By DanielIn 100 days of Yara1 Comment

Find applications implementing the MD5 algorithm with YARA.

100 Days of YARA – Day 5: Shell Scripts Two Ways!

On December 24, 2021December 23, 2021 By DanielIn 100 days of Yara1 Comment

Find scripts with YARA.

100 Days of YARA – Day 4: Identifying Mach-O Files and Java Classes

On December 23, 2021December 23, 2021 By DanielIn 100 days of Yara, forensics, incident response, malware1 Comment

Detect Mach-O binaries with YARA.

100 Days of YARA – Day 3: ELF Files

On December 22, 2021December 22, 2021 By DanielIn 100 days of Yara1 Comment

Identify ELF files with YARA.

100 Days of YARA – Day 2: Identifying PE files and Measuring Speed of Rules

On December 21, 2021December 21, 2021 By DanielIn 100 days of Yara1 Comment

Find PE files with YARA.

100 Days of YARA – Day 1: Basics

On December 20, 2021 By DanielIn 100 days of Yara, forensics, incident response, malware1 Comment

Getting started with YARA.

YARA Rules Index

On December 20, 2021January 5, 2022 By DanielIn 100 days of Yara, forensics, incident response, malware50 Comments

YARA Rules Index

Posts navigation

Archives

February 2022 (12)
January 2022 (31)
December 2021 (15)
November 2021 (3)
October 2021 (7)
September 2021 (13)
August 2021 (13)
May 2021 (4)
April 2021 (23)
February 2021 (5)
January 2021 (6)
December 2020 (8)
February 2020 (2)
November 2019 (1)
October 2019 (2)
December 2018 (3)
July 2018 (1)
May 2017 (2)
April 2017 (5)
January 2017 (1)
December 2016 (4)

ascii assembler base64 binary C c++ cryptography CTF cyberchef ELF exiftool forensics golang hexadecimal hunting incident response java kali Linux malware netcat networking nmap pe pentesting persistence picoctf PowerShell procfs programming Python ransomware reversing reviews security shellcode shell scripting ssh steganography strings web win32 windows wireshark yara

Blog at WordPress.com.

Subscribe Subscribed
- DMFR SECURITY
- Already have a WordPress.com account? Log in now.