Top 70 YARA open source projects

Implementation of the DIMVA 2017 publication "Quincy: Detecting Host-Based Code Injection Attacks in Memory Dumps"

DataCon2020大数据安全分析大赛，🏆【方向五】恶意代码分析冠军源码。

This project is a SIEM with SIRP and Threat Intel, all in one.

A Malware classifier dataset built with header fields’ values of Portable Executable files

Multiple rules for yara-project for detect compiler/packer/protector

This is just my personal compilation of APT malware from whitepaper releases, documents and malware samples from my personal research.

Repository of yara rules

No description, website, or topics provided.

Signatures and IoCs from public Volexity blog posts.

整理每个流行botnet家族的专杀脚本、靶机环境、检测规则、病毒样本、病毒原理图

A collection of my public YARA signatures for various malware families

JIRA Secure Attachment Looter

"Golden" certificates

No description, website, or topics provided.

a collection of public yara rules

No description, website, or topics provided.

Yara filetype plugin for Vim.

whohk，linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

Research indicators and detection rules

Yara rules to be used with the Burp Yara-Scanner extension