{"id":28444,"date":"2023-02-23T06:40:44","date_gmt":"2023-02-23T06:40:44","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=28444"},"modified":"2023-02-23T06:40:48","modified_gmt":"2023-02-23T06:40:48","slug":"yaralyzer","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/","title":{"rendered":"THE YARALYZER : Visually Inspect And Force Decode YARA And Regex Matches Found In Binary DATA And Text Data, With Colors"},"content":{"rendered":"\n<p>THE <strong>YARALYZER <\/strong>visually inspects all of the regex matches (and their sexier, more cloak and dagger cousins, the <a href=\"https:\/\/github.com\/VirusTotal\/yara-python\">YARA<\/a> matches) found in binary data and\/or text. See what happens when you force various character encodings upon those matched bytes. <a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer#example-output\">With colors<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Quick Start<\/h2>\n\n\n\n<pre class=\"wp-block-preformatted has-background\" style=\"background-color:#f4f4f4\"><strong>pipx install yaralyzer\n\n# Scan against YARA definitions in a file:\nyaralyze --yara-rules \/secret\/vault\/sigmunds_malware_rules.yara lacan_buys_the_dip.pdf\n\n# Scan against an arbitrary regular expression:\nyaralyze --regex-pattern 'good and evil.*of\\s+\\w+byte' the_crypto_archipelago.exe\n\n# Scan against an arbitrary YARA hex pattern\nyaralyze --hex-pattern 'd0 93 d0 a3 d0 [-] 9b d0 90 d0 93' one_day_in_the_life_of_ivan_cryptosovich.bin<\/strong><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">What It Do<\/h2>\n\n\n\n<ol class=\"wp-block-list\">\n<li><strong>See the actual bytes your YARA rules are matching.<\/strong> No more digging around copy\/pasting the start positions reported by YARA into your 
favorite hex editor. Displays both the bytes matched by YARA as well as a configurable number of bytes before and after each match in hexadecimal and &#8220;raw&#8221; python string representation.<\/li>\n\n\n\n<li><strong>Do the same for byte patterns and regular expressions without writing a YARA file.<\/strong> If you&#8217;re too lazy to write a YARA file but are trying to determine, say, whether there&#8217;s a regular expression hidden somewhere in the file you could scan for the pattern <code>'\/.+\/'<\/code> and immediately get a window into all the bytes in the file that live between front slashes. Same story for quotes, BOMs, etc. Any regex YARA can handle is supported so the sky is the limit.<\/li>\n\n\n\n<li><strong>Detect the possible encodings of each set of matched bytes.<\/strong> <a href=\"https:\/\/github.com\/chardet\/chardet\">The <code>chardet<\/code> library<\/a> is a sophisticated library for guessing character encodings and it is leveraged here.<\/li>\n\n\n\n<li><strong>Display the result of forcing various character encodings upon the matched areas.<\/strong> Several default character encodings will be <em>forcibly<\/em> attempted in the region around the match. <a href=\"https:\/\/github.com\/chardet\/chardet\"><code>chardet<\/code><\/a> will also be leveraged to see if the bytes fit the pattern of <em>any<\/em> known encoding. 
If <code>chardet<\/code> is confident enough (configurable), an attempt at decoding the bytes using that encoding will be displayed.<\/li>\n\n\n\n<li><strong>Export the matched regions\/decodings to SVG, HTML, and colored text files.<\/strong> Show off your ASCII art.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Why It Do<\/h2>\n\n\n\n<p>The Yaralyzer&#8217;s functionality was extracted from <a href=\"https:\/\/github.com\/michelcrypt4d4mus\/pdfalyzer\">The Pdfalyzer<\/a> when it became apparent that visualizing and decoding pattern matches in binaries had more utility than just in a PDF analysis tool.<\/p>\n\n\n\n<p><a href=\"https:\/\/github.com\/VirusTotal\/yara-python\">YARA<\/a>, for those who are unaware<sup><a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer#user-content-fn-1-a8220bff6ed11643ad2855a3dde00750\">1<\/a><\/sup>, is branded as a malware analysis\/alerting tool but it&#8217;s actually both a lot more and a lot less than that. One way to think about it is that YARA is a regular expression matching engine on steroids. It can locate regex matches in binaries like any regex engine, but it can also do far wilder things: combine patterns with boolean conditions, match a text string against all 256 single-byte XOR encodings of it (the <code>xor<\/code> string modifier), check for <code>base64<\/code> and other encodings of a string, and more. Maybe most importantly of all, YARA provides a standard text-based format for people to <em>share<\/em> their &#8216;roided regexes with the world. All these features are particularly useful when analyzing or reverse engineering malware, whose authors tend to invest a great deal of time into making stuff hard to find.<\/p>\n\n\n\n<p>But&#8230; that&#8217;s also all YARA does. Everything else is up to the user. 
YARA&#8217;s just a match engine and if you don&#8217;t know what to match (or even what character encoding you might be able to match in) it only gets you so far. I found myself a bit frustrated trying to use YARA to look at all the matches of a few critical patterns:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Bytes between escaped quotes (<code>\\\".+\\\"<\/code> and <code>\\'.+\\'<\/code>)<\/li>\n\n\n\n<li>Bytes between front slashes (<code>\/.+\/<\/code>). Front slashes demarcate a regular expression in many implementations and I was trying to see if any of the bytes matching this pattern were <em>actually<\/em> regexes.<\/li>\n<\/ol>\n\n\n\n<p>YARA just tells you the byte position and the matched string but it can&#8217;t tell you whether those bytes are UTF-8, UTF-16, Latin-1, etc. (or none of the above). I also found myself wanting to understand what was going on <em>in the region<\/em> of the matched bytes and not just <em>in<\/em> the matched bytes. In other words I wanted to scope the bytes immediately before and after whatever got matched.<\/p>\n\n\n\n<p>Enter <strong>The Yaralyzer<\/strong>, which lets you quickly scan the regions around matches while also showing you what those regions would look like if they were forced into various character encodings.<\/p>\n\n\n\n<p>It&#8217;s important to note that <strong>The Yaralyzer<\/strong> isn&#8217;t a full-on malware reversing tool. It can&#8217;t do all the things a tool like <a href=\"https:\/\/gchq.github.io\/CyberChef\/\">CyberChef<\/a> does and it doesn&#8217;t try to. 
It&#8217;s more intended to give you a quick visual overview of suspect regions in the binary so you can home in on the areas you might want to inspect with a more serious tool like <a href=\"https:\/\/gchq.github.io\/CyberChef\/\">CyberChef<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Installation<\/h2>\n\n\n\n<p>Install it with <a href=\"https:\/\/pypa.github.io\/pipx\/\"><code>pipx<\/code><\/a> or <code>pip3<\/code>. <code>pipx<\/code> is the marginally better option because it installs each application into its own virtual environment, isolated from the rest of your local Python environment. Of course if you don&#8217;t really have a local Python environment this is a moot point and you can feel free to install with <code>pip<\/code>\/<code>pip3<\/code>.<\/p>\n\n\n\n<pre class=\"wp-block-code has-background\" style=\"background-color:#f4f4f4\"><code><strong>pipx install yaralyzer<\/strong>\n<\/code><\/pre>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"font-style:normal;font-weight:600\">Usage<\/h2>\n\n\n\n<p>Run <code>yaralyze -h<\/code> to see the command line options (screenshot below).<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjGUjWelFkILWGaRJwUgDlCHODe9G1c339dMyAC01TQygnkLWhrKJ-jlePPCzXdc5aVl3M4za1VHyJb0PyPe394mrTgOwCzBwYJYo_t8uCsHFoU-vJG9wAcWtwxAhdnTW1fYCmtMhKlt0qko3k7n4Sk34nEX0UcoGkat3hMytkrdCaQFDGQwsubu8ol\/s16000\/yaralyze_help.png\" alt=\"\" \/><\/figure>\n\n\n\n<p>For info on exporting SVG images, HTML, etc., see <a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer#example-output\">Example Output<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Configuration<\/strong><\/h3>\n\n\n\n<p>If you place a file called <code>.yaralyzer<\/code> in your home directory or the current working directory then environment variables specified in that <code>.yaralyzer<\/code> file will be added to the environment each time yaralyzer is invoked. This provides a mechanism for permanently configuring various command line options so you can avoid typing them over and over. See the example file <a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer\/blob\/master\/.yaralyzer.example\"><code>.yaralyzer.example<\/code><\/a> to see which options can be configured this way.<\/p>\n\n\n\n<p>Only one <code>.yaralyzer<\/code> file will be loaded and the working directory&#8217;s <code>.yaralyzer<\/code> takes precedence over the home directory&#8217;s <code>.yaralyzer<\/code>. Because the working directory wins, check for a stray <code>.yaralyzer<\/code> before running the tool inside a directory you did not create yourself (an unpacked sample archive, for instance): whatever it sets will silently override your own configuration.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>As A Library<\/strong><\/h3>\n\n\n\n<p><a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer\/blob\/master\/yaralyzer\/yaralyzer.py\"><code>Yaralyzer<\/code><\/a> is the main class. 
It has a variety of constructors supporting:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Precompiled YARA rules<\/li>\n\n\n\n<li>Creating a YARA rule from a string<\/li>\n\n\n\n<li>Loading YARA rules from files<\/li>\n\n\n\n<li>Loading YARA rules from all <code>.yara<\/code> files in a directory<\/li>\n\n\n\n<li>Scanning <code>bytes<\/code><\/li>\n\n\n\n<li>Scanning a file<\/li>\n<\/ol>\n\n\n\n<p>Should you want to iterate over the <code>BytesMatch<\/code> (like a <code>re.Match<\/code> object for a YARA match) and <code>BytesDecoder<\/code> (tracks decoding attempt stats) objects returned by The Yaralyzer, you can do so like this:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted has-background\" style=\"background-color:#f4f4f4\"><strong>from yaralyzer.yaralyzer import Yaralyzer\n\n# Scan a file against the rules in one or more .yara files\nyaralyzer = Yaralyzer.for_rules_files(['\/secret\/rule.yara'], 'lacan_buys_the_dip.pdf')\n\n# Each iteration yields one YARA match (bytes_match) together with the\n# record of the decoding attempts made on its bytes (bytes_decoder)\nfor bytes_match, bytes_decoder in yaralyzer.match_iterator():\n    print(bytes_match, bytes_decoder)<\/strong><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Example Output<\/strong><\/h3>\n\n\n\n<p>The Yaralyzer can export visualizations to HTML, ANSI colored text, and SVG vector images using the file export functionality that comes with <a href=\"https:\/\/github.com\/Textualize\/rich\">Rich<\/a>. SVGs can be turned into <code>png<\/code> format images with a tool like <a href=\"https:\/\/inkscape.org\/\">Inkscape<\/a> or <code>cairosvg<\/code>. In our experience they both work though we&#8217;ve seen some glitchiness with <code>cairosvg<\/code>.<\/p>\n\n\n\n<p><strong>PyPI Users:<\/strong> If you are reading this document <a href=\"https:\/\/pypi.org\/project\/yaralyzer\/\">on PyPI<\/a> be aware that it renders a lot better <a href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer\">over on GitHub<\/a>. 
Pretty pictures, footnotes that work, etc.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><strong>Raw YARA match result:<\/strong><\/h3>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhKDMGXg7cN7WeoETwyu5rU6BGrm7GfNhi59FN_CFBoyH1bZKRZDknVtVA5KOcyhkWUMq5XB7BXeClu2vg5n-v6ZXOcbqcGajUjnCVH0zI40xSZYoh0plagUdl3C5Xn8JVRTmLPvMrU3kpP9DtysTLkdea2UUOF8sz-O-SMc-J5e6SH08fJPKvBiZIF\/s16000\/yara_match_result.jpg\" alt=\"\" \/><\/figure>\n\n\n\n<p>Display hex, raw python string, and various attempted decodings of both the match and the bytes before and after the match (configurable):<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgK9MnBy1ACJasIyp-XkEQ8hzW2UZYD8ANI9mSpTiDiYfCBeXI7HHONhRXFtgivldQgt_WKUy9NTd1FP2aabcbp7kE3zph6QlAKc2Tb_254TQd_4nONbhyH22oRrf8mnCEcR9J4-nf40lYz8Mwx7WpHs40NuTHPia9n7j3-6WI9cKohuAbMu_Bwx5Fc\/s16000\/font_34_frontslash_scan.png\" alt=\"\" \/><\/figure>\n\n\n\n<h4 class=\"wp-block-heading\">Bonus: see what <code>chardet.detect()<\/code> thinks about the likelihood your bytes are in a given encoding\/language:<\/h4>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhP6-tNGKhzRi9zkuPc82h5HENAle4PsqOI9_6Rg7NwbccU7R8R1stQ1-FyrKGew_etzfwJiMIQXnbzXF7QknhtLN7B_g2G3ROuwX2GjVV2W9JvZ_5_sRCEYymcXpjNJ-TSzpbNEio6r-g24RlfvTH4ljuRvMNC_LxOZP86zP5QYPX3REjOgXv5Qpub\/s16000\/decoding_and_chardet_table_2.png\" alt=\"\" \/><\/figure>\n\n\n\n<div class=\"wp-block-buttons is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button aligncenter\"><a class=\"wp-block-button__link wp-element-button\" 
href=\"https:\/\/github.com\/michelcrypt4d4mus\/yaralyzer\" target=\"_blank\" rel=\"noreferrer noopener\">Click Here To Download<\/a><\/div>\n<\/div>\n\n\n\n<p><\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>THE YARALYZER visually inspect all of the regex matches (and their sexier, more cloak and dagger cousins, the YARA matches) found in binary data and\/or text. See what happens when you force various character encodings upon those matched bytes. With colors. Quick Start pipx install yaralyzer # Scan against YARA definitions in a file: yaralyze [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28447,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[3861,3863,5890],"class_list":["post-28444","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-yara","tag-yara-rules","tag-yaralyzer"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>THE YARALYZER : Visually Inspect Regex Matches In Binary DATA &amp;Text<\/title>\n<meta name=\"description\" content=\"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. 
See what happens when you force various\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"THE YARALYZER : Visually Inspect Regex Matches In Binary DATA &amp;Text\" \/>\n<meta property=\"og:description\" content=\"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. See what happens when you force various\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-23T06:40:44+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-02-23T06:40:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" 
content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"THE YARALYZER : Visually Inspect And Force Decode YARA And Regex Matches Found In Binary DATA And Text Data, With Colors\",\"datePublished\":\"2023-02-23T06:40:44+00:00\",\"dateModified\":\"2023-02-23T06:40:48+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\"},\"wordCount\":1107,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\",\"keywords\":[\"YARA\",\"Yara Rules\",\"YARALYZER\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\",\"name\":\"THE YARALYZER : Visually Inspect Regex Matches In Binary DATA 
&Text\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\",\"datePublished\":\"2023-02-23T06:40:44+00:00\",\"dateModified\":\"2023-02-23T06:40:48+00:00\",\"description\":\"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. See what happens when you force various\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png\",\"width\":\"728\",\"height\":\"350\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux 
Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"THE YARALYZER : Visually Inspect Regex Matches In Binary DATA &Text","description":"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. See what happens when you force various","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/","og_locale":"en_US","og_type":"article","og_title":"THE YARALYZER : Visually Inspect Regex Matches In Binary DATA &Text","og_description":"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. See what happens when you force various","og_url":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-02-23T06:40:44+00:00","article_modified_time":"2023-02-23T06:40:48+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. 
reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"THE YARALYZER : Visually Inspect And Force Decode YARA And Regex Matches Found In Binary DATA And Text Data, With Colors","datePublished":"2023-02-23T06:40:44+00:00","dateModified":"2023-02-23T06:40:48+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/"},"wordCount":1107,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","keywords":["YARA","Yara Rules","YARALYZER"],"articleSection":["Kali Linux"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/yaralyzer\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/","url":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/","name":"THE YARALYZER : Visually Inspect Regex Matches In Binary DATA 
&Text","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","datePublished":"2023-02-23T06:40:44+00:00","dateModified":"2023-02-23T06:40:48+00:00","description":"THE YARALYZER , Visually inspect all of the regex matches found in binary data and\/or text. See what happens when you force various","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/yaralyzer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/yaralyzer\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","width":"728","height":"350"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux 
Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R 
K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEikbmLu5SPdvcGvBk5x2_61tDtQzY7o69molKBNez-7F5Z0bdQxfnBiWOqw49iU3e3BXYIb5xZCNsNRnHfgrbR-QEOQXXxu5bnbzkNY3ZE4xxA05nPW84yq6ccYB6rTQOuVHXsazLnArWAEdeXrLRuMvtU-pnPrCZxuXTtZV_THEbqv6VGhi3t6aGCf\/s16000\/top_of_readme.png","jetpack_sharing_enabled":true}