Yara Python: The Python interface for YARA
Stars: ✭ 368 (+120.36%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+58.08%)
Malware Ioc: Indicators of Compromises (IOC) of our various investigations
Stars: ✭ 955 (+471.86%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+3019.16%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (-79.64%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-72.46%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+79.64%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-53.29%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signature, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-86.23%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-85.03%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (-62.87%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+162.87%)
Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+94.01%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-77.25%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+70.66%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-25.15%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+95.81%)
Iocs: IoC's, PCRE's, YARA's etc
Stars: ✭ 15 (-91.02%)
static file analysis: Analysis of file (doc, pdf, exe, ...) in deep (embedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-79.64%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-55.69%)
ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (-59.28%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+338.32%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (-70.06%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+573.65%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+195.81%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+734.73%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+182.63%)
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-64.67%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+131.74%)
Iocs: Sophos-originated indicators-of-compromise from published reports
Stars: ✭ 128 (-23.35%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+110.78%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+498.2%)
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Stars: ✭ 321 (+92.22%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+625.75%)
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Stars: ✭ 283 (+69.46%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-79.64%)
Yaraguardian: Django web interface for managing Yara rules
Stars: ✭ 156 (-6.59%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-76.65%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-82.63%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-81.44%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-55.09%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-92.22%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+412.57%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-91.02%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-35.33%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (-64.07%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+376.05%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-56.89%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+319.76%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+1227.54%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (-8.38%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-35.33%)
Balbuzard: Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-58.08%)