All Categories → Security → yara

Top 92 yara open source projects

static file analysis

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

✭ 34

YARA python docker security analysis static-analysis clamav malware-analysis sigma yara yara-rules security-tools defensive-security

YARA package for Sublime Text

✭ 15

YARA syntax-highlighting sublime-text yara

Generate YARA rules for OOXML documents.

✭ 34

python security detection malware ooxml yara

Simple yara rule manager

✭ 60

python Mako cli sqlite yara

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

✭ 68

javascript python HTML CSS shell Dockerfile malware-research yara yara-rules yara-manager yara-signatures

PhishingKit-Yara-Rules

Repository of Yara rules dedicated to Phishing Kits Zip files

✭ 71

YARA phishing yara phishing-kit phishing-detection

factual-rules-generator

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

✭ 62

python dfir yara computer-forensics yara-rules

python-icap-yara

An ICAP Server with yara scanner for URL and content.

✭ 50

python malware-analysis yara squid-proxy icap-server icap

Funnel is a lightweight yara-based feed scraper

✭ 38

python YARA rss osint yara

Rust bindings for VirusTotal/Yara

✭ 35

rust c pattern-matching rust-bindings yara

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

✭ 142

python ida cutter ida-pro ida-plugin idapython yara idapro binaryninja yara-rules idapython-plugin binaryninja-plugin cutter-plugin

Exploits for YARA 3.7.1 & 3.8.1

✭ 26

python poc yara cve-2018-12034 cve-2018-12035

PhishingKit-Yara-Search

Yara scan Phishing Kit's Zip archive(s)

✭ 24

python YARA phishing yara yara-rules phishing-sites yara-scanner phishing-kit phishing-detection

Validates yara rules and tries to repair the broken ones.

✭ 37

python dfir yara yara-rules

C# wrapper around the Yara pattern matching library

✭ 29

c Yacc C++Lex M4 python wrapper net wrapper-api yara wrapper-library yara-forensics yara-scanner libyara async-scanning

Detection in the form of Yara, Snort and ClamAV signatures.

✭ 70

YARA python rules ioc detection clamav signatures yara snort

Yara powered NIDS with high speed packet capture powered by PF_RING

✭ 51

go shell Makefile YARA pf-ring ids libpcap nids yara

r2yara - Module for Yara using radare2 information

✭ 30

c python malware hunting radare2 yara r2

Malice Yara Plugin

✭ 27

YARA plugin docker malware malware-analyzer malware-analysis malware-research yara malice malware-detection malice-plugin

Set of Yara rules for finding files using magics headers

✭ 115

YARA shell forensics yara yara-rules dump-files magic-headers yara-forensics

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

✭ 69

go Yacc Lex YARA security json detection lexer ruleset signatures yara security-tools yara-ruleset yara-parser

A Binary Genetic Traits Lexer Framework

✭ 303

C++python shell CMake c javascript machine-learning genetic-algorithm reverse-engineering malware genetic-programming malware-analysis malware-research yara

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

✭ 192

rust C++python CMake constants encoding magic patterns data-structures hacktoberfest yara formats pattern-language imhex

This project is a SIEM with SIRP and Threat Intel, all in one.

✭ 270

YARA docker elasticsearch kibana logstash filebeat malware clamav suricata traefik misp thehive cortex sigma yara homer zeek opencti mwdb n8n arkime

vim-syntax-yara

A Vim syntax-highlighting file for YARA rules

✭ 26

Vim Script syntax-highlighting vim yara

Signatures and IoCs from public Volexity blog posts.

✭ 130

python YARA ruby yara yara-rules threat-intelligence snort-rules suricata-rules

Website crawler with YARA detection

✭ 84

python Vue typescript yara headless-chrome

Exporting MISP event attributes to yara rules usable with Thor apt scanner

✭ 22

python apt analysis scanner incident-response cert csirt thor misp yara

whohk，linux下一款强大的应急响应工具在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

✭ 260

YARA python yara

Judge-Jury-and-Executable

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

✭ 66

c C#Yacc C++Lex M4 security scanner forensics antivirus threat-hunting query-language yara forensic-analysis yara-rules mft yara-scanner forensics-investigations threat-monitor forensics-level-scanning

Yet another implementation of PEiD with yara

✭ 12

go Makefile binary-analysis yara yara-rules peid

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

✭ 23

python incident-response dfir yara yara-scanner

61-92 of 92 yara projects