Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)
Hyara is plugin that provides convenience when writing yararule.
The plugin is currently undergoing a major revision!
Make
button to show the specified hexadecimal or strings as a result.Save
.Export Yara Rule
Right Click
Comment Option
Rich Header
and imphash
String option
IDA Pro
pip install -r requirements.txt
Hyara_IDA.py and hyara_lib folder
to $ida_dir/pluginsBinaryNinja
Check the python version installed in the cutter and install it.
C:\\Users\\User\\AppData\\Local\\Programs\\Python\\Python3X\\python.exe -m pip install -I -t $cutter_dir/python3X/site-packages -r requirements.txt
copy __init__.py, Hyara_Cutter.py and hyara_lib folder
to $cutter_dir/plugins/python/Hyara
cp -r /tmp/.mount_Cutter5o3a5G/usr /root
Check the python version installed in the cutter and install it.
pip3.X install -I -t /root/usr/lib/python3.X/site-packages -r /root/Hyara/requirements.txt
./Cutter-v2.0.3-x64.Linux.AppImage --pythonhome /root/usr
copy __init__.py, Hyara_Cutter.py and hyara_lib folder
to /root/.local/share/rizin/cutter/plugins/python/Hyara
Activate via Windows -> Plugins -> Hyara
Install Ghidrathon (Installation Guide) to use Hyara Plugin.
pip install PySide2 or pip install PySide6
copy Hyara_Ghidra.py and hyara_lib folder
to C:\\Users\\User\\.ghidra\\.ghidra.X.X.X\\Extensions\\Ghidrathon-X.X.X\\data\\python\\
# Window -> Ghidrathon
import Hyara_Ghidra
Hyara_Ghidra.run()
👤 hyuunnn