468 Open source projects that are alternatives of or similar to yara-rules

Signature base for my scanner tools

Malcom - Malware Communications Analyzer

🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more

Defanged Indicator of Compromise (IOC) Extractor.

Extract and aggregate threat intelligence.

Loki - Simple IOC and Incident Response Scanner

Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules

Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.

🐺 Malware analysis platform

🐺 Malware analysis platform

Signatures and IoCs from public Volexity blog posts.

Validates yara rules and tries to repair the broken ones.

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

16,432 Free Yara rules created by

Modular file scanning/analysis framework

CLI tool to analyze PE files

yarGen is a generator for YARA rules

Malware Analysis, Threat Intelligence and Reverse Engineering: LABS

A curated list of awesome YARA rules, tools, and people.

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Automated Docker MISP container - Malware Information Sharing Platform and Threat Sharing

Don't Just Search OSINT. Sweep It.

Defund the Police.

Yara Based Detection Engine for web browsers

An open source script to perform malware static analysis on Portable Executable

A tool to help malware analysts signature unique parts of RTF documents

A script to assist in processing forensic RAM captures for malware triage

Warning lists to inform users of MISP about potential false-positives or other information in indicators

The CyberCX Digger project is designed to help Australian organisations determine if they have been impacted by certain high profile cyber security incidents. Digger provides threat hunting functionality packaged in a simple-to-use tool, allowing users to detect certain attacker activities; all for free.

An open source framework for enterprise level automated analysis.

Malware hashes for open source projects.

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

BeSafe is robust threat analyzer which help to protect your desktop environment and know what's happening around you

Bringing you the best of the worst files on the Internet.

YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.

Intel Owl: analyze files, domains, IPs in multiple ways from a single API at scale

Awesome CSIRT is an curated list of links and resources in security and CSIRT daily activities.

Personal compilation of APT malware from whitepaper releases, documents and own research

A toolkit for Security Researchers

A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.

VirusTotal Wanna Be - Now with 100% more Hipster

A simple many-rules to many-files YARA scanner for incident response or malware zoos.

Malware Sample Sources

All-in-one bundle of MISP, TheHive and Cortex

Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)

Tools for the Computer Incident Response Team 💻

Yet another implementation of PEiD with yara

Set of Yara rules for finding files using magics headers

Malice Yara Plugin

An ICAP Server with yara scanner for URL and content.

A Binary Genetic Traits Lexer Framework

#ThreatHunting #DFIR #Malware #Detection Mind Maps

Python tool and library to help analyze files during malware triage and analysis.

Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies

Collection of malware persistence and hunting information. Be a persistent persistence hunter!

Yara scan Phishing Kit's Zip archive(s)

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Best practices in threat intelligence

Aggregated Indicators of Compromise collected and cross-verified from multiple open and community-supported sources, enriched and ranked using our intelligence platform for you. Threat Intelligence, Threat feed, Open source feed.

Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.