yara-rules

There are 4 repositories under yara-rules topic.

• InQuest / awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  yara-rulesyara-signaturesyaramalware-rulesmalware-analysismalware-researchmalware-detectionyara-scanneryara-managerthreat-huntingawesomeawesome-yaraawesome-listioc
  3278

• Neo23x0 / Loki

  Loki - Simple IOC and YARA Scanner

  pythonyarasignaturescanneriocotxantivirushashyara-rulesdfir
  Language:Python 3251

• Neo23x0 / signature-base

  YARA signature and IOC database for my scanners and tools

  signatureyara-rulesiocscanneryaraanti-virushashthreat-huntingthreat-intelligencedfir
  Language:YARA 2347

• sroberts / awesome-iocs

  A collection of sources of indicators of compromise.

  awesomeawesome-listiocsignatureyara-rules
  Language:Shell 746
• reversinglabs-yara-rules

  reversinglabs / reversinglabs-yara-rules

  ReversingLabs YARA Rules

  reverse-engineeringyara-rulesyara-signaturesransomware-detectionransomware-preventionmalware-detectionindicators-of-compromiseyara
  Language:YARA 699

• KasperskyLab / klara

  Kaspersky's GReAT KLara

  yara-rulesklarathreat-intelligencethreat-hunting
  Language:PHP 679

• InQuest / yara-rules

  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

  yarayara-rulesthreat-huntingyara-signatures
  Language:Python 355

• bartblaze / Yara-rules

  Collection of private Yara rules.

  yara-rulesyara-signaturesyaramalware-detectionransomware-detectionthreat-huntingthreat-intelligence
  Language:YARA 302

• volexity / threat-intel

  Signatures and IoCs from public Volexity blog posts.

  yarathreat-intelligenceyara-rulessuricata-rulessnort-rules
  Language:Python 287

• sapphirex00 / Threat-Hunting

  Personal compilation of APT malware from whitepaper releases, documents and own research

  threat-huntingthreat-intelligencethreat-sharingthreat-modelingcollectionmalwaremalware-analysismalware-researchyara-rulesmalware-detection
  251

• hyuunnn / Hyara

  Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)

  ida-pluginidapython-pluginidapythonyaracuttercutter-pluginbinaryninjabinaryninja-pluginyara-rulesidaidaproida-proghidraghidra-extensionghidra-plugin
  Language:Python 215

• PUNCH-Cyber / YaraGuardian

  Django web interface for managing Yara rules

  yararulesmanagermetricsyara-rulesyara-manageryara-metrics
  Language:Python 188

• plyara / plyara

  Parse YARA rules and operate over them more easily.

  yarayara-rulesparseryara-parserlexerplypythonpython3sly
  Language:Python 169

• Xumeiquer / yara-forensics

  Set of Yara rules for finding files using magics headers

  forensicsyarayara-rulesdump-filesmagic-headersyara-forensics
  Language:YARA 134

• alt3kx / wafaray

  Enhance your malware detection with WAF + YARA (WAFARAY)

  blueteamblueteamingpentestingsecurity-toolsthreat-intelligencethreathuntingwafyarayara-rules
  Language:Shell 105

• Hestat / lw-yara

  Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

  dfirlw-yaramalware-detectionsignatureyara-rules
  Language:YARA 100

• michelcrypt4d4mus / yaralyzer

  Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

  malwaremalware-analysismalware-detectionreverse-engineeringvisualizationyarayara-forensicsyara-scannerblueteamdfirhacking-toolnetsecnetsec-toolsyara-formatyara-integratedyara-rules
  Language:Python 99

• roadwy / DefenderYara

  Extracted Yara rules from Windows Defender mpavbase and mpasbase

  defenderyara-rulesantivirusyaradfiriocmalware-analysisyara-signaturesthreat-intelligence
  Language:YARA 95

• sbousseaden / YaraHunts

  Random hunting ordiented yara rules

  threat-huntingyara-rules
  Language:YARA 95

• InQuest / ThreatKB

  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

  yara-rulesyarayara-managermalware-researchyara-signatures
  Language:JavaScript 92

• blackberry / threat-research-and-intelligence

  BlackBerry Threat Research & Intelligence

  artificial-intelligenceiocsmachine-learningresearchsigma-rulessuricata-rulesthreatintelligenceyara-rules
  Language:Jupyter Notebook 88
• Judge-Jury-and-Executable

  AdamWhiteHat / Judge-Jury-and-Executable

  A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

  securitythreat-huntingantivirusscannerquery-languagecsharpforensics-level-scanningforensicsmftthreat-monitorforensic-analysisforensics-investigationsyarayara-scanneryara-rules
  Language:C# 78

• CIRCL / factual-rules-generator

  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

  dfiryarayara-rulescomputer-forensics
  Language:Python 72

• RussianPanda95 / Yara-Rules

  Repository of Yara Rules

  malware-detectionmalware-researchyara-rules
  Language:YARA 72

• threatlabz / iocs

  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

  iocsmalware-researchmalware-samplesyarayara-rules
  Language:YARA 60

• kweatherman / yara4ida

  Unofficial YARA IDA Pro plugin, along with an unparalleled crypto/hash/compression rule set based on Luigi Auriemma's signsrch signatures.

  cryptographyreverse-engineeringida-pluginyara-rulesyara-scanner
  Language:YARA 59

• t4d / PhishingKit-Yara-Search

  Yara scan Phishing Kit's Zip archive(s)

  yarayara-scanneryara-rulesphishingphishing-detectionphishing-kitphishing-sites
  Language:Python 52
• ThreatHunting-Keywords-yara-rules

  mthcht / ThreatHunting-Keywords-yara-rules

  yara detection rules for hunting with the threathunting-keywords project

  awesome-listblueteamdetection-engineeringdfirforensics-toolshacktoolshuntingincident-responseoffensive-securitythreat-huntingthreat-intelligenceyara-forensicsyara-rulesyara-scanneryara-signatures
  Language:YARA 51

• lprat / static_file_analysis

  Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

  analysisyara-rulesclamavmalware-analysissecurity-toolssecuritystatic-analysisdefensive-securitysigmayaradocker
  Language:YARA 49

• iomoath / yara-scanner

  YaraScanner is a file pattern-matching tool based on YARA rules.

  yara-scanneryara-rulesthreat-huntingpython3
  Language:Python 48

• bartblaze / FARA

  Repository that contains a set of purposefully erroneous Yara rules.

  yarayara-rulesyara-signatures
  Language:YARA 46

• thewhiteninja / yarasploit

  YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

  yarayara-rulesyara-signaturesmetasploitshellcodepythonlinuxwindowsapi
  Language:YARA 42

• deadbits / yara-rules

  Collection of YARA signatures from individual research

  yarayara-rulesyara-signaturesmalware-analysismalware-researchmalware-detectionmalware-protection
  Language:YARA 41

• bandrel / OCyara

  Performs OCR on image files and scans them for matches to YARA rules

  yaratesseractocroptical-character-recognitionpython-3pythonyara-rulestesseract-ocr-api
  Language:Python 38

• CIRCL / yara-validator

  Validates yara rules and tries to repair the broken ones.

  yarayara-rulesdfir
  Language:Python 38

• ail-project / ail-yara-rules

  A set of YARA rules for the AIL framework to detect leak or information disclosure

  ail-yara-rulesail-frameworkinformation-disclosureyara-rulesyarayara-signatures
  Language:YARA 36