This document contains an extensive list of the malware analysis tools I use on a regular basis. 😄
Installing YARA
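#!/usr/bin/env bash
# Build and install YARA 4.2.1 from the upstream source tarball on a
# Debian/Ubuntu (apt-based) host.
#
# Env:  JOBS - parallel make jobs (default 4)
set -euo pipefail

yara_version="4.2.1"

sudo apt update
# Toolchain plus the headers the configure flags below depend on
# (libmagic-dev backs --enable-magic).
sudo apt install -y build-essential \
  libssl-dev \
  libmagic-dev \
  libtool \
  make \
  gcc \
  pkg-config \
  libprotobuf-dev

wget "https://github.com/VirusTotal/yara/archive/refs/tags/v${yara_version}.tar.gz"
# Verify the archive before building from it: compare against the checksum
# or signature published with the release. The value is not reproduced here;
# fill the placeholder in from the release page before enabling this line.
# printf '%s  v%s.tar.gz\n' '<SHA256_FROM_RELEASE_PAGE>' "$yara_version" | sha256sum -c -
tar -xzvf "v${yara_version}.tar.gz"
cd "yara-${yara_version}/"
./bootstrap.sh
# Optional modules; each needs its -dev package from the apt step above.
./configure --enable-macho --enable-magic --enable-dex
make -j "${JOBS:-4}"
sudo make install
# Refresh the dynamic linker cache so the freshly installed libyara is found.
sudo ldconfig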
Installing Suricata
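#!/usr/bin/env bash
# Build and install Suricata 6.0.5 from the upstream GitHub source tarball on a
# Debian/Ubuntu host. The GitHub archive does not bundle libhtp, so it is
# cloned into the source tree before autogen.sh runs.
#
# Env:  JOBS - parallel make jobs (default 4)
set -euo pipefail

suricata_version="6.0.5"

sudo apt-get update
sudo apt-get -y install build-essential \
  bsdmainutils \
  libtool \
  git \
  cmake \
  ragel \
  make \
  libmagic-dev \
  libjansson-dev \
  libnss3-dev \
  libgeoip-dev \
  libluajit-5.1-dev \
  libhiredis-dev \
  libboost-dev \
  libpcre3-dev \
  libpcap-dev \
  libnet1-dev \
  libyaml-0-2 \
  libyaml-dev \
  liblz4-dev \
  pkg-config \
  zlib1g \
  zlib1g-dev \
  libcap-ng-dev \
  libcap-ng0 \
  libevent-dev \
  rustc \
  cargo

wget "https://github.com/OISF/suricata/archive/refs/tags/suricata-${suricata_version}.tar.gz"
# Verify the archive before building from it: compare against the checksum
# or signature published with the release. The value is not reproduced here;
# fill the placeholder in from the release page before enabling this line.
# printf '%s  suricata-%s.tar.gz\n' '<SHA256_FROM_RELEASE_PAGE>' "$suricata_version" | sha256sum -c -
# The archive has to be unpacked before the cd below; the original listing
# skipped this step.
tar -xzf "suricata-${suricata_version}.tar.gz"
# GitHub names the top-level directory <repo>-<tag>, hence the doubled prefix.
cd "suricata-suricata-${suricata_version}/"
# Unpinned: this clones libhtp's default branch. For a reproducible build,
# check out the libhtp tag that matches this Suricata release (not given here).
git clone https://github.com/OISF/libhtp
# cbindgen is required by --enable-rust; --root places it under /usr/local.
sudo cargo install --root /usr/local cbindgen
./autogen.sh
./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-luajit --enable-rust
make -j "${JOBS:-4}"
sudo make install
# Installs the default configuration files under --sysconfdir.
sudo make install-conf
# Refresh the dynamic linker cache for the newly installed libraries.
sudo ldconfig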