All Projects → Rootkits → Similar Projects or Alternatives

94 Open source projects that are alternatives of or similar to Rootkits

yaramanager

Simple yara rule manager

Stars: ✭ 60 (-4.76%)

Mutual labels: yara

swisscheese

Exploits for YARA 3.7.1 & 3.8.1

Stars: ✭ 26 (-58.73%)

Mutual labels: yara

Stoq

An open source framework for enterprise level automated analysis.

Stars: ✭ 352 (+458.73%)

Mutual labels: yara

yara-rules

Yara rules written by me, for free use.

Stars: ✭ 13 (-79.37%)

Mutual labels: yara

yara-forensics

Set of Yara rules for finding files using magics headers

Stars: ✭ 115 (+82.54%)

Mutual labels: yara

Peframe

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

Stars: ✭ 472 (+649.21%)

Mutual labels: yara

python-icap-yara

An ICAP Server with yara scanner for URL and content.

Stars: ✭ 50 (-20.63%)

Mutual labels: yara

Yargen

yarGen is a generator for YARA rules

Stars: ✭ 795 (+1161.9%)

Mutual labels: yara

detection

Detection in the form of Yara, Snort and ClamAV signatures.

Stars: ✭ 70 (+11.11%)

Mutual labels: yara

Yara Rules

Repository of YARA rules made by McAfee ATR Team

Stars: ✭ 283 (+349.21%)

Mutual labels: yara

yarasploit

YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

Stars: ✭ 31 (-50.79%)

Mutual labels: yara

S1EM

This project is a SIEM with SIRP and Threat Intel, all in one.

Stars: ✭ 270 (+328.57%)

Mutual labels: yara

Multiscanner

Modular file scanning/analysis framework

Stars: ✭ 494 (+684.13%)

Mutual labels: yara

YaraSyntax

YARA package for Sublime Text

Stars: ✭ 15 (-76.19%)

Mutual labels: yara

Didierstevenssuite

Please no pull requests for this repository. Thanks!

Stars: ✭ 856 (+1258.73%)

Mutual labels: yara

PhishingKit-Yara-Rules

Repository of Yara rules dedicated to Phishing Kits Zip files

Stars: ✭ 71 (+12.7%)

Mutual labels: yara

Strelka

Real-time, container-based file scanning at enterprise scale

Stars: ✭ 387 (+514.29%)

Mutual labels: yara

yara-rust

Rust bindings for VirusTotal/Yara

Stars: ✭ 35 (-44.44%)

Mutual labels: yara

Binjadock

An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.

Stars: ✭ 34 (-46.03%)

Mutual labels: yara

yara-validator

Validates yara rules and tries to repair the broken ones.

Stars: ✭ 37 (-41.27%)

Mutual labels: yara

Hamburglar

Hamburglar -- collect useful information from urls, directories, and files

Stars: ✭ 321 (+409.52%)

Mutual labels: yara

r2yara

r2yara - Module for Yara using radare2 information

Stars: ✭ 30 (-52.38%)

Mutual labels: yara

Manalyze

A static analyzer for PE executables.

Stars: ✭ 701 (+1012.7%)

Mutual labels: yara

binlex

A Binary Genetic Traits Lexer Framework

Stars: ✭ 303 (+380.95%)

Mutual labels: yara

Reversinglabs Yara Rules

ReversingLabs YARA Rules

Stars: ✭ 280 (+344.44%)

Mutual labels: yara

freki

🐺 Malware analysis platform

Stars: ✭ 327 (+419.05%)

Mutual labels: yara

vim-syntax-yara

A Vim syntax-highlighting file for YARA rules

Stars: ✭ 26 (-58.73%)

Mutual labels: yara

Sunburst countermeasures

Stars: ✭ 519 (+723.81%)

Mutual labels: yara

MeltingPot

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

Stars: ✭ 23 (-63.49%)

Mutual labels: yara

Iocs

IoC's, PCRE's, YARA's etc

Stars: ✭ 15 (-76.19%)

Mutual labels: yara

static file analysis

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

Stars: ✭ 34 (-46.03%)

Mutual labels: yara

Yara

The pattern matching swiss knife

Stars: ✭ 5,209 (+8168.25%)

Mutual labels: yara

apooxml

Generate YARA rules for OOXML documents.

Stars: ✭ 34 (-46.03%)

Mutual labels: yara

Rpot

Real-time Packet Observation Tool

Stars: ✭ 38 (-39.68%)

Mutual labels: yara

ThreatKB

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Stars: ✭ 68 (+7.94%)

Mutual labels: yara

Threatingestor

Extract and aggregate threat intelligence.

Stars: ✭ 439 (+596.83%)

Mutual labels: yara

factual-rules-generator

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

Stars: ✭ 62 (-1.59%)

Mutual labels: yara

Holmes Totem

Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.

Stars: ✭ 25 (-60.32%)

Mutual labels: yara

Funnel

Funnel is a lightweight yara-based feed scraper

Stars: ✭ 38 (-39.68%)

Mutual labels: yara

Yara Python

The Python interface for YARA

Stars: ✭ 368 (+484.13%)

Mutual labels: yara

Hyara

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

Stars: ✭ 142 (+125.4%)

Mutual labels: yara

Pecli

CLI tool to analyze PE files

Stars: ✭ 46 (-26.98%)

Mutual labels: yara

PhishingKit-Yara-Search

Yara scan Phishing Kit's Zip archive(s)

Stars: ✭ 24 (-61.9%)

Mutual labels: yara

Icewater

16,432 Free Yara rules created by

Stars: ✭ 324 (+414.29%)

Mutual labels: yara

YaraSharp

C# wrapper around the Yara pattern matching library

Stars: ✭ 29 (-53.97%)

Mutual labels: yara

Ghidra scripts

Scripts for the Ghidra software reverse engineering suite.

Stars: ✭ 732 (+1061.9%)

Mutual labels: yara

mole

Yara powered NIDS with high speed packet capture powered by PF_RING

Stars: ✭ 51 (-19.05%)

Mutual labels: yara

Python Iocextract

Defanged Indicator of Compromise (IOC) Extractor.

Stars: ✭ 300 (+376.19%)

Mutual labels: yara

yara

Malice Yara Plugin

Stars: ✭ 27 (-57.14%)

Mutual labels: yara

Malware Ioc

Indicators of Compromises (IOC) of our various investigations

Stars: ✭ 955 (+1415.87%)

Mutual labels: yara

yara-parser

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

Stars: ✭ 69 (+9.52%)

Mutual labels: yara

Freki

🐺 Malware analysis platform

Stars: ✭ 285 (+352.38%)

Mutual labels: yara

ImHex-Patterns

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

Stars: ✭ 192 (+204.76%)

Mutual labels: yara

Mitigating Web Shells

Guidance for mitigation web shells. #nsacyber

Stars: ✭ 698 (+1007.94%)

Mutual labels: yara

Mquery

YARA malware query accelerator (web frontend)

Stars: ✭ 264 (+319.05%)

Mutual labels: yara

Yarasigs

Various Yara signatures (possibly to be included in a release later).

Stars: ✭ 59 (-6.35%)

Mutual labels: yara

Apkid

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Stars: ✭ 999 (+1485.71%)

Mutual labels: yara

Operation Wocao

Operation Wocao - Indicators of Compromise

Stars: ✭ 29 (-53.97%)

Mutual labels: yara

Die Engine

DIE engine

Stars: ✭ 648 (+928.57%)

Mutual labels: yara

Yobi

Yara Based Detection Engine for web browsers

Stars: ✭ 39 (-38.1%)

Mutual labels: yara

1-60 of 94 similar projects

›