yara-rules

There are 5 repositories under yara-rules topic.

• InQuest / awesome-yara

  A curated list of awesome YARA rules, tools, and people.

  awesomeawesome-listawesome-yaraiocmalware-analysismalware-detectionmalware-researchmalware-rulesthreat-huntingyarayara-manageryara-rulesyara-scanneryara-signatures
  3446

• Neo23x0 / Loki

  Loki - Simple IOC and YARA Scanner

  antivirusdfirhashiocotxpythonscannersignatureyarayara-rules
  Language:Python 3318

• Neo23x0 / signature-base

  YARA signature and IOC database for my scanners and tools

  anti-virusdfirhashiocscannersignaturethreat-huntingthreat-intelligenceyarayara-rules
  Language:YARA 2423

• sroberts / awesome-iocs

  A collection of sources of indicators of compromise.

  awesomeawesome-listiocsignatureyara-rules
  Language:Shell 777
• reversinglabs-yara-rules

  reversinglabs / reversinglabs-yara-rules

  ReversingLabs YARA Rules

  reverse-engineeringyara-rulesyara-signaturesransomware-detectionransomware-preventionmalware-detectionindicators-of-compromiseyara
  Language:YARA 739

• KasperskyLab / klara

  Kaspersky's GReAT KLara

  yara-rulesklarathreat-intelligencethreat-hunting
  Language:PHP 692

• InQuest / yara-rules

  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

  threat-huntingyarayara-rulesyara-signatures
  Language:Python 360

• bartblaze / Yara-rules

  Collection of private Yara rules.

  malware-detectionransomware-detectionthreat-huntingthreat-intelligenceyarayara-rulesyara-signatures
  Language:YARA 316

• volexity / threat-intel

  Signatures and IoCs from public Volexity blog posts.

  yarathreat-intelligenceyara-rulessuricata-rulessnort-rules
  Language:Python 306

• sapphirex00 / Threat-Hunting

  Personal compilation of APT malware from whitepaper releases, documents and own research

  threat-huntingthreat-intelligencethreat-sharingthreat-modelingcollectionmalwaremalware-analysismalware-researchyara-rulesmalware-detection
  253

• hyuunnn / Hyara

  Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)

  ida-pluginidapython-pluginidapythonyaracuttercutter-pluginbinaryninjabinaryninja-pluginyara-rulesidaidaproida-proghidraghidra-extensionghidra-plugin
  Language:Python 222

• roadwy / DefenderYara

  Extracted Yara rules from Windows Defender mpavbase and mpasbase

  antivirusdefenderdfiriocmalware-analysisthreat-intelligenceyarayara-rulesyara-signatures
  Language:YARA 194

• PUNCH-Cyber / YaraGuardian

  Django web interface for managing Yara rules

  yararulesmanagermetricsyara-rulesyara-manageryara-metrics
  Language:Python 188

• plyara / plyara

  Parse YARA rules and operate over them more easily.

  yarayara-rulesparseryara-parserlexerplypythonpython3sly
  Language:Python 172

• Xumeiquer / yara-forensics

  Set of Yara rules for finding files using magics headers

  forensicsyarayara-rulesdump-filesmagic-headersyara-forensics
  Language:YARA 134

• alt3kx / wafaray

  Enhance your malware detection with WAF + YARA (WAFARAY)

  blueteamblueteamingpentestingsecurity-toolsthreat-intelligencethreathuntingwafyarayara-rules
  Language:Shell 107

• Hestat / lw-yara

  Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

  lw-yarayara-rulesmalware-detectionsignaturedfir
  Language:YARA 100

• michelcrypt4d4mus / yaralyzer

  Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

  malwaremalware-analysismalware-detectionreverse-engineeringvisualizationyarayara-forensicsyara-scannerblueteamdfirhacking-toolnetsecnetsec-toolsyara-formatyara-integratedyara-rules
  Language:Python 100

• sbousseaden / YaraHunts

  Random hunting ordiented yara rules

  threat-huntingyara-rules
  Language:YARA 95

• InQuest / ThreatKB

  Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

  yara-rulesyarayara-managermalware-researchyara-signatures
  Language:JavaScript 94

• blackberry / threat-research-and-intelligence

  BlackBerry Threat Research & Intelligence

  artificial-intelligenceiocsmachine-learningresearchsigma-rulessuricata-rulesthreatintelligenceyara-rules
  Language:Jupyter Notebook 90
• Judge-Jury-and-Executable

  AdamWhiteHat / Judge-Jury-and-Executable

  A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

  antiviruscsharpforensic-analysisforensicsforensics-investigationsforensics-level-scanningmftquery-languagescannersecuritythreat-huntingthreat-monitoryarayara-rulesyara-scanner
  Language:C# 79

• RussianPanda95 / Yara-Rules

  Repository of Yara Rules

  malware-detectionmalware-researchyara-rules
  Language:YARA 79

• CIRCL / factual-rules-generator

  Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

  computer-forensicsdfiryarayara-rules
  Language:Python 73
• ThreatHunting-Keywords-yara-rules

  mthcht / ThreatHunting-Keywords-yara-rules

  yara detection rules for hunting with the threathunting-keywords project

  awesome-listblueteamdetection-engineeringdfirforensics-toolshacktoolshuntingincident-responseoffensive-securitythreat-huntingthreat-intelligenceyara-forensicsyara-rulesyara-scanneryara-signatures
  Language:YARA 73

• ThreatLabz / iocs

  This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

  iocsmalware-researchmalware-samplesyarayara-rules
  Language:YARA 64

• kweatherman / yara4ida

  Unofficial YARA IDA Pro plugin, along with an unparalleled crypto/hash/compression rule set based on Luigi Auriemma's signsrch signatures.

  cryptographyreverse-engineeringida-pluginyara-rulesyara-scanner
  Language:YARA 62

• iomoath / yara-scanner

  YaraScanner is a file pattern-matching tool based on YARA rules.

  yara-scanneryara-rulesthreat-huntingpython3
  Language:Python 53

• t4d / PhishingKit-Yara-Search

  Yara scan Phishing Kit's Zip archive(s)

  yarayara-scanneryara-rulesphishingphishing-detectionphishing-kitphishing-sites
  Language:Python 51

• lprat / static_file_analysis

  Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

  analysisyara-rulesclamavmalware-analysissecurity-toolssecuritystatic-analysisdefensive-securitysigmayaradocker
  Language:YARA 48

• bartblaze / FARA

  Repository that contains a set of purposefully erroneous Yara rules.

  yarayara-rulesyara-signatures
  Language:YARA 47

• thewhiteninja / yarasploit

  YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

  yarayara-rulesyara-signaturesmetasploitshellcodepythonlinuxwindowsapi
  Language:YARA 42

• deadbits / yara-rules

  Collection of YARA signatures from individual research

  yarayara-rulesyara-signaturesmalware-analysismalware-researchmalware-detectionmalware-protection
  Language:YARA 41

• bandrel / OCyara

  Performs OCR on image files and scans them for matches to YARA rules

  yaratesseractocroptical-character-recognitionpython-3pythonyara-rulestesseract-ocr-api
  Language:Python 39

• CIRCL / yara-validator

  Validates yara rules and tries to repair the broken ones.

  yarayara-rulesdfir
  Language:Python 38

• pseudo-security / slacksecrets

  Scans Slack for API tokens, credentials, passwords, and more using YARA rules

  yarayara-rulesslackpythonsecurityinfosec
  Language:Python 37