Categories: Kali Linux

FindYara – IDA Python Plugin To Scan Binary With Yara Rules

FindYara uses IDA python plugin to scan your binary with yara rules. All the yara rule matches will be listed with their offset so you can quickly hop to them!

FindYara Installation

Also ReadDarkSpiritz : A Penetration Testing Framework For Linux, MacOS, and Windows Systems

Video Tutorial

Usage

Launch the plugin

The plugin can be launched from the menu using Edit->Plugins->FindYara. Or the plugin can be quickly launched using the hot-key combination ctl-alt-y.

Select a Yara file to scan with

When the plugin launches it will open a file selection dialogue box. You will need to use this to choose the yara file that you want to scan with.

View matches

All of the strings from the yara rule that match the binary will be displayed along with the match locations.

Credit: David Berard

R K

Recent Posts

Upgrade to Ubuntu 20.04 LTS: Prepare, Update, and Confirm

Ubuntu 20.04 LTS (code name Focal Fossa) was released on April 23, 2020. It is a…

8 hours ago

Install Google Chrome on Ubuntu 20.04: Download and Setup Guide

Google Chrome is the most widely used web browser in the world. It is fast, secure,…

8 hours ago

Install Java on Ubuntu 20.04: OpenJDK 11, JDK 8, and JAVA_HOME

Java is one of the most widely used programming languages in the world. It runs on…

9 hours ago

Install Ubuntu on Raspberry Pi: Flash, Configure, and Boot

Raspberry Pi is the most popular single-board computer ever made. It is small, affordable, and surprisingly…

9 hours ago

Install pip on Ubuntu 20.04: Python 3, Python 2, and Usage Guide

pip is Python's package manager. It lets you search, download, and install packages from the Python Package…

9 hours ago

Install MySQL on Ubuntu 20.04: Setup, Security, and Root Access

MySQL is the most popular open-source relational database management system. It is fast, reliable, and a…

1 day ago