94 Open source projects that are alternatives of or similar to Open Source Yara Rules

Extract and aggregate threat intelligence.

🐺 Malware analysis platform

Real-time Packet Observation Tool

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

16,432 Free Yara rules created by

Detect potentially malicious PHP files

🐺 Malware analysis platform

IoC's, PCRE's, YARA's etc

Guidance for mitigation web shells. #nsacyber

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Balbuzard is a package of malware analysis tools in python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc by bruteforcing and checking for those patterns.

The pattern matching swiss knife

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

The Python interface for YARA

CLI tool to analyze PE files

Defanged Indicator of Compromise (IOC) Extractor.

Tools for hunting for threats.

YARA malware query accelerator (web frontend)

Indicators of Compromises (IOC) of our various investigations

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Generate YARA rules for OOXML documents.

Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.

A static analyzer for PE executables.

Repository of Yara rules dedicated to Phishing Kits Zip files

Trigram database written in C++, suited for malware indexing

DIE engine

Parse YARA rules and operate over them more easily.

Modular file scanning/analysis framework

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

Django web interface for managing Yara rules

Real-time, container-based file scanning at enterprise scale

Various Yara signatures (possibly to be included in a release later).

An open source framework for enterprise level automated analysis.

A curated list of awesome YARA rules, tools, and people.

Hamburglar -- collect useful information from urls, directories, and files

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Repository of YARA rules made by McAfee ATR Team

IOC from articles, tweets for archives

ReversingLabs YARA Rules

An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.

Yara Based Detection Engine for web browsers

Signature base for my scanner tools

YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

Operation Wocao - Indicators of Compromise

Yara rules written by me, for free use.

Sophos-originated indicators-of-compromise from published reports

YARA package for Sublime Text

Please no pull requests for this repository. Thanks!

Simple yara rule manager

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

yarGen is a generator for YARA rules

APT & CyberCriminal Campaign Collection

Loki - Simple IOC and Incident Response Scanner

WALKOFF-enabled applications. #nsacyber

A Web Malware Scanner

Scripts for the Ghidra software reverse engineering suite.