Steve's repositories
ConventionEngine
ConventionEngine - A Yara Rulepack for PDB Path Hunting
100daysofYARA2024
Rules shared by the community from 100 Days of YARA 2024
DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
100DaysofYARA-2023
Rules Shared by the Community from 100 Days of YARA 2023
stvemillertime.github.io
bleep bloop
apooxml
Generate YARA rules for OOXML documents.
CS7038-Malware-Analysis
Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
CyberThreatIntel
Analysis of malware and Cyber Threat Intel of APT and cybercriminal groups
decompressingyara
For running Yara rules on malware samples stored in compressed files.
etwunhook
Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.
halogen
Automatically create YARA rules from malicious documents.
Hyara
Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)
macos-ttps-yara
A ruleset to find potentially malicious code in macOS malware samples
malpedia-flossed
FLARE floss applied to all unpacked+dumped samples in Malpedia, pre-processed for further use.
malware-yara
YARA rules for malware detection
mlget
A golang CLI tool to download malware from a variety of sources.
Some-Blurbs
Archive of notable tweets and tweet threads.
yara-forge-docker
Run YARA Forge in a Docker container
Yara-Jam-Sesh
An experimental YARA scanner package for process memory and files
yara-language-nsfw
Lists of not-suitable-for-work words as YARA rules
YARA-Performance-Guidelines
A guide on how to write fast and memory friendly YARA rules