Pepper: An open source script to perform malware static analysis on Portable Executable
Fsf: File Scanning Framework
Yextend: Yara integrated software to handle archive file data.
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Dailyioc: IOC from articles, tweets for archives
Loki: Loki - Simple IOC and Incident Response Scanner
Iocs: Sophos-originated indicators-of-compromise from published reports
Plyara: Parse YARA rules and operate over them more easily.
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.
Masc: A Web Malware Scanner
Ursadb: Trigram database written in C++, suited for malware indexing
Balbuzard: Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Pecli: CLI tool to analyze PE files
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Rpot: Real-time Packet Observation Tool
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Malware Ioc: Indicators of Compromises (IOC) of our various investigations
Iocs: IoC's, PCRE's, YARA's etc
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Yargen: yarGen is a generator for YARA rules
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Manalyze: A static analyzer for PE executables.
Yara: The pattern matching swiss knife
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Strelka: Real-time, container-based file scanning at enterprise scale
Stoq: An open source framework for enterprise level automated analysis.
Icewater: 16,432 Free Yara rules created by
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Freki: 🐺 Malware analysis platform
Mquery: YARA malware query accelerator (web frontend)
Yobi: Yara Based Detection Engine for web browsers
freki: 🐺 Malware analysis platform
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signature, and generate Yara patterns for malware detection.