Yara-Scanner for Burp Suite
Polito has developed a plugin to integrate Burp Suite (both the Professional and the Free versions) and allow the use of the Yara pattern matching and detection against website content.
Scan with Yara in Burp Suite
Select any item in the Site Map and scan it with Yara
Any content that is displayed in Burp Suite’s Site Map can easily be scanned using Yara and one or multiple Yara rules files from a context menu option (provide a screenshot)
Burp Suite will invoke Yara and display the results of Yara scanning on the Yara Output tab if a match is detected. The output will include the Request / Response pair that contained a match as well as the Yara rule that matched against that Request / Response.
The plugin is written in Jython thus requires the installation of a Jython interpreter (provide a link).
The plugin also requires the Yara executable to be located on the computer where Burp Suite is running.
The plugin is available in the BApp Store so installation requires a single click from within Burp Suite.
For the latest developments download the version at the Polito Github page.
If you have questions about the plugin or need help securing your web or mobile application, contact us today.
Our team of experts is ready to MasterCraft your custom cyber security solution. Contact us today and experience what Masterful Cyber Security is all about.