fun blog post from @mjg59 wherein he used my #Pdfalyzer tool to bust his landlord for modifying the terms of his rental contract after he signed it.

https://mjg59.dreamwidth.org/73317.html

#PDF #forgery #landlord #tenant #lawfedi


Used some #AI to jury rig a basic API documentation site for The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data.

* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* API documentation: https://michelcrypt4d4mus.github.io/yaralyzer/api/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules

⚯ Michel de Cryptadamus ⚯

Just published version 1.16.6 of The Pdfalyzer, the surprisingly popular tool for analyzing (possibly malicious) PDFs I created after my own unpleasant encounter with such a creature. Includes a (kind of janky) #YARA rule for #GIFTEDCROOK infostealer PDFs.

* GitHub: https://github.com/michelcrypt4d4mus/pdfalyzer
* PyPi: https://pypi.org/project/pdfalyzer/
* Homebrew: https://formulae.brew.sh/formula/pdfalyzer

#pypi #python #pdf #pdfs #malware #Threatassessment #maldoc #malwareanalysis #homebrew #infosec #cybersecurity #yararule


just released version 1.0.1 of The Yaralyzer, my unexpectedly popular tool for visualizing and forcibly decoding #YARA matches in binary data. Fixes a small bug when trying to choose a byte offset to force a UTF-16 or UTF-32 decoding of matched bytes.

someone set up Yaralyzer as a #Kali package; not sure if that's made it into a release yet but if not the links are below.

https://universeodon.com/@cryptadamist/113642071681749608

#ascii #asciiArt #blueteam #cybersecurity #detectionengineering #DFIR #forensics #FOSS #hacking #infosec #KaliLinux #malware #malwareDetection #malwareAnalysis #openSource #pdfalyzer #redteam #reverseEngineering #reversing #threathunting #yaralyze #yaralyzer #YARA #YARArule #YARArules
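The bug fix above concerns picking a byte offset when forcing a UTF-16 or UTF-32 decode of bytes matched by a YARA rule. The reason an offset is needed at all is alignment: UTF-16 code units are 2 bytes and UTF-32 code units are 4, while a YARA hex pattern can start matching on any byte. The following is an added example, not Yaralyzer's own code, showing what happens when the same matched byte range is decoded at each candidate offset. The sample buffer, the "match" range and the crude ASCII-printable scoring heuristic are all constructed for this illustration.

```python
"""
Added example (not code from Yaralyzer): decoding a YARA-matched byte range as
UTF-16 / UTF-32 at every candidate byte offset, so the reader can see why the
offset has to be chosen and why a wrong one yields plausible-looking garbage.
"""
from typing import Dict, Optional, Tuple

# Constructed sample: 3 junk bytes, a UTF-16-LE string, then 2 junk bytes.
TEXT = "hidden wide string"
SAMPLE = b"\xcc\xcc\xcc" + TEXT.encode("utf-16-le") + b"\xcc\xcc"

# Constructed "match": pretend a hex pattern matched one byte before the
# string actually starts, so the matched range is misaligned by one byte.
MATCH_START = 2
MATCH_END = 3 + len(TEXT.encode("utf-16-le"))

# Bytes per code unit for each encoding we try to force.
CODE_UNIT_SIZES = {"utf-16-le": 2, "utf-16-be": 2, "utf-32-le": 4, "utf-32-be": 4}


def matched_bytes() -> bytes:
    """The byte range a rule supposedly matched (constructed above)."""
    return SAMPLE[MATCH_START:MATCH_END]


def decode_at_offsets(data: bytes, encoding: str) -> Dict[int, str]:
    """Decode `data` with `encoding` starting at each byte offset smaller than
    the code-unit size, trimming trailing bytes so the length is a whole number
    of code units. Offsets that raise UnicodeDecodeError (for UTF-32, any
    group that forms a code point above U+10FFFF) are simply omitted."""
    unit = CODE_UNIT_SIZES[encoding]
    results: Dict[int, str] = {}
    for offset in range(unit):
        chunk = data[offset:]
        chunk = chunk[: len(chunk) - (len(chunk) % unit)]
        if not chunk:
            continue
        try:
            results[offset] = chunk.decode(encoding)
        except UnicodeDecodeError:
            continue
    return results


def ascii_text_ratio(text: str) -> float:
    """Fraction of characters in the printable ASCII range (0x20-0x7E).
    A deliberately crude heuristic (assumption of this example) for ranking
    candidate offsets; misaligned UTF-16 tends to decode to CJK/Hangul code
    points, which this score ignores."""
    if not text:
        return 0.0
    return sum(0x20 <= ord(c) <= 0x7E for c in text) / len(text)


def best_forced_decode(data: bytes, encoding: str) -> Tuple[Optional[int], str]:
    """(offset, text) for the candidate with the highest ASCII ratio, or
    (None, "") when no offset decodes at all."""
    candidates = decode_at_offsets(data, encoding)
    if not candidates:
        return (None, "")
    offset = max(candidates, key=lambda o: ascii_text_ratio(candidates[o]))
    return (offset, candidates[offset])


if __name__ == "__main__":
    data = matched_bytes()
    for enc in CODE_UNIT_SIZES:
        decoded = decode_at_offsets(data, enc)
        if not decoded:
            print(f"{enc}: no offset decodes")
        for off, text in decoded.items():
            print(f"{enc} @ offset {off}: {text!r} (ascii ratio {ascii_text_ratio(text):.2f})")
    print("best utf-16-le:", best_forced_decode(data, "utf-16-le"))
```

Running it shows the point of the fix: the UTF-16-LE decode at offset 1 is the real string, while offset 0 decodes without error into a run of CJK-looking characters, and UTF-16-BE at offset 0 produces one Hangul syllable followed by readable ASCII, which is exactly the kind of near-miss an analyst needs the offset control to step past. Neither UTF-32 variant decodes at any offset because every 4-byte group forms a code point above U+10FFFF.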


@evacide seeing as how it seems like the Paragon attack was executed via maldoc PDFs, I'll just mention I created a (surprisingly popular) tool for analyzing (possibly malicious) PDFs after my own unpleasant encounter with such a creature

https://github.com/michelcrypt4d4mus/pdfalyzer

#paragon #infosec #Whatsapp #PDF #pdfalyzer #Malware #maldoc


just pushed a new release of The Yaralyzer, my unexpectedly popular tool for visually inspecting the output of #YARA scans with a lot of colors. example output below. change is small: it can now use a directory full of YARA rules files without renaming them all to end in .yara.

* GitHub: https://github.com/michelcrypt4d4mus/yaralyzer
* PyPi: https://pypi.org/project/yaralyzer/
* Can also be installed (indirectly) via homebrew if you install The #Pdfalyzer (different tool)

someone has packaged this tool for Kali Linux though I don't know if it's in the distro yet. also available for macOS homebrew via an installer someone made for The Pdfalyzer.

Thomas Roccia at #Microsoft was also kind enough to make The Yaralyzer available via a web interface: https://x.com/fr0gger_/status/1749690000478974283

#malware #infosec #cybersecurity #kali #KaliLinux #YARArules #malwaredetection #threathunting #reverseEngineering #malwareAnalysis #reversing #yaralyze #yaralyzer #pdfalyze #detectionengineering
