Funnel: Funnel is a lightweight yara-based feed scraper
Stars: ✭ 38 (+11.76%)
mole: Yara powered NIDS with high speed packet capture powered by PF_RING
Stars: ✭ 51 (+50%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+738.24%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+100%)
vim-syntax-yara: A Vim syntax-highlighting file for YARA rules
Stars: ✭ 26 (-23.53%)
Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+852.94%)
yara-parser: Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Stars: ✭ 69 (+102.94%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+861.76%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (+0%)
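whohk: whohk, a powerful incident response tool for Linux. Incident response on Linux often means checking each point of interest through tedious command lines, and sometimes reformatting the output as well, which is unfriendly to people who are not very familiar with Linux commands. This tool gathers the operations commonly used in Linux incident response and presents their results in a friendlier format, so that a single parameter replaces the tedious, complex commands for checking each point.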
Stars: ✭ 260 (+664.71%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+982.35%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (+82.35%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+317.65%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+782.35%)
YaraSharp: C# wrapper around the Yara pattern matching library
Stars: ✭ 29 (-14.71%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-26.47%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-20.59%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+676.47%)
ImHex-Patterns: Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Stars: ✭ 192 (+464.71%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+15220.59%)
uzen: Website crawler with YARA detection
Stars: ✭ 84 (+147.06%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-32.35%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-55.88%)
Judge-Jury-and-Executable: A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Stars: ✭ 66 (+94.12%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+1038.24%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (+76.47%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+1961.76%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+935.29%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (+47.06%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+2417.65%)
yara-rust: Rust bindings for VirusTotal/Yara
Stars: ✭ 35 (+2.94%)
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Stars: ✭ 321 (+844.12%)
swisscheese: Exploits for YARA 3.7.1 & 3.8.1
Stars: ✭ 26 (-23.53%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (+8.82%)
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Stars: ✭ 283 (+732.35%)
detection: Detection in the form of Yara, Snort and ClamAV signatures.
Stars: ✭ 70 (+105.88%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-14.71%)
r2yara: r2yara - Module for Yara using radare2 information
Stars: ✭ 30 (-11.76%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (+238.24%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+1352.94%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+791.18%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (+14.71%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+694.12%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+2238.24%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+282.35%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-8.82%)
yara-exporter: Exporting MISP event attributes to yara rules usable with Thor apt scanner
Stars: ✭ 22 (-35.29%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+1288.24%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-61.76%)
Malware Ioc: Indicators of Compromises (IOC) of our various investigations
Stars: ✭ 955 (+2708.82%)
Iocs: IoC's, PCRE's, YARA's etc
Stars: ✭ 15 (-55.88%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+2052.94%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+1191.18%)
static file analysis: In-depth analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and yara rules
Stars: ✭ 34 (+0%)