Yara scanner that enumerates process memory and then scans it for yara sigs. Not very user friendly currently

Jquinn147/AmIInfected

Warning

This program is meant to be run and then left alone. Like I said, it's in its early stage. Clicking away from the cmd window can lead to things getting...unpredictable.

So just don't do it, unless you're trying to close it.

Requirements

  • Yara exe
  • Yara Rule List
  • Output folder

Description

AMIINFECTED is a process enumerator/YARA memory scanner. Using GetProcessById and a set max fuzz point, it guesses the IDs of all open processes and then runs YARA on every process it enumerated.

Executable is located in bin/debug
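
The approach described above, sketched as an added example (this is not the AmIInfected source): probe every process ID up to a ceiling with `Process.GetProcessById`, then hand each live PID to the YARA command line, which scans a process's memory when its target is a PID. The class and method names, the 65536 ceiling, the argument order and the `pid_<n>.txt` output naming are all assumptions.

```csharp
// Added example, not the AmIInfected source. Ceiling, names and paths are assumptions.
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
static class PidSweepScan
{
    // Probe each ID; GetProcessById throws ArgumentException when none is running.
    static List<int> GuessPids(int maxPid)
    {
        var live = new List<int>();
        int self = Process.GetCurrentProcess().Id;
        for (int pid = 1; pid <= maxPid; pid++)
        {
            if (pid == self) continue; // do not scan the scanner itself
            try { using (Process.GetProcessById(pid)) live.Add(pid); }
            catch (ArgumentException) { } // no process with this ID
        }
        return live;
    }

    // Run "yara <rules> <pid>": a numeric target makes YARA scan that process's memory.
    static string ScanPid(string yaraExe, string rules, int pid)
    {
        var psi = new ProcessStartInfo(yaraExe, $"\"{rules}\" {pid}")
        {
            UseShellExecute = false, CreateNoWindow = true,
            RedirectStandardOutput = true, RedirectStandardError = true
        };
        using (var yara = Process.Start(psi))
        {
            var errors = yara.StandardError.ReadToEndAsync(); // drain stderr to avoid a pipe deadlock
            string matches = yara.StandardOutput.ReadToEnd();
            yara.WaitForExit();
            return matches; // one line per matching rule, empty when nothing matched
        }
    }

    static void Main(string[] args)
    {
        if (args.Length != 3) { Console.Error.WriteLine("usage: <yara.exe> <rules> <outdir>"); return; }
        Directory.CreateDirectory(args[2]);
        foreach (int pid in GuessPids(65536)) // assumed upper bound for the sweep
        {
            string matches = ScanPid(args[0], args[1], pid);
            if (matches.Length > 0) File.WriteAllText(Path.Combine(args[2], $"pid_{pid}.txt"), matches);
        }
    }
}
```

YARA can only read processes the current user is allowed to open, so an elevated prompt covers more of them; processes it cannot open produce an error on stderr and no match file.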
