/vovk

Vovk is a framework of tools that includes a WinDbg extension that generates in-depth YARA rules for malware.

Primary language: Java. License: GNU General Public License v3.0 (GPL-3.0).

Vovk 2.0 - DEFCON 32 (2024) release available now.

Vovk 2.0 was released at DEFCON 32 in 2024 LV Conf Season.

New: ELF files welcome, disassembly supported, Ghidra Plugin available.

Vovk - Yara rule generator

Debugging module for generating in-depth YARA rules for malware. Full post on Medium: https://malienist.medium.com/vovk-advanced-yara-rule-generator-3dff64e31fbb

SOURCE

https://github.com/malienist/vovk/tree/master

Usage

Wiki: https://github.com/malienist/vovk/wiki

Quick post: https://malienist.medium.com/vovk-advanced-yara-rule-generator-3dff64e31fbb

Contribute!

Join the Vovk Project

Two cohorts are now active. Fork, pull, contribute to get involved.

  1. Blackhat 2023 Cohort
  2. Defcon 2023 Cohort
  3. General

Contributors get credit, merch and opportunities to present their research at conferences as part of Team Malienist.