94 Open source projects that are alternatives of or similar to Sunburst_countermeasures

Set of Yara rules for finding files using magics headers

Exporting MISP event attributes to yara rules usable with Thor apt scanner

Simple yara rule manager

Detection in the form of Yara, Snort and ClamAV signatures.

No description, website, or topics provided.

Yara rules written by me, for free use.

This project is a SIEM with SIRP and Threat Intel, all in one.

Repository of YARA rules made by McAfee ATR Team

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

An ICAP Server with yara scanner for URL and content.

Validates yara rules and tries to repair the broken ones.

Go bindings for YARA

YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

r2yara - Module for Yara using radare2 information

Hamburglar -- collect useful information from urls, directories, and files

A Binary Genetic Traits Lexer Framework

YARA package for Sublime Text

Signatures and IoCs from public Volexity blog posts.

Real-time, container-based file scanning at enterprise scale

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

Repository of Yara rules dedicated to Phishing Kits Zip files

Repository of yara rules

ReversingLabs YARA Rules

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Rust bindings for VirusTotal/Yara

Yara scan Phishing Kit's Zip archive(s)

YARA Rules I come across on the internet

🐺 Malware analysis platform

C# wrapper around the Yara pattern matching library

16,432 Free Yara rules created by

Yara powered NIDS with high speed packet capture powered by PF_RING

A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.

Malice Yara Plugin

Extract and aggregate threat intelligence.

Tools for parsing rulesets using the exact grammar as YARA. Written in Go.

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

Defanged Indicator of Compromise (IOC) Extractor.

A Vim syntax-highlighting file for YARA rules

Generate YARA rules for OOXML documents.

Website crawler with YARA detection

The pattern matching swiss knife

whohk，linux下一款强大的应急响应工具 在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Yet another implementation of PEiD with yara

🐺 Malware analysis platform

An open source script to perform malware static analysis on Portable Executable

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

File Scanning Framework

The Python interface for YARA

Yara integrated software to handle archive file data.

Funnel is a lightweight yara-based feed scraper

Citizen Lab Malware Reports

YARA malware query accelerator (web frontend)

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

Modular file scanning/analysis framework

PEframe is a open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.

An open source framework for enterprise level automated analysis.

Yara Based Detection Engine for web browsers

Exploits for YARA 3.7.1 & 3.8.1