ThreatKB: Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+15.25%)
Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+449.15%)
static file analysis: In-depth analysis of files (doc, pdf, exe, ...), including embedded file(s), with clamscan and yara rules
Stars: ✭ 34 (-42.37%)
yara-parser: Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Stars: ✭ 69 (+16.95%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+644.07%)
Funnel: Funnel is a lightweight yara-based feed scraper
Stars: ✭ 38 (-35.59%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+1140.68%)
mole: Yara powered NIDS with high speed packet capture powered by PF_RING
Stars: ✭ 51 (-13.56%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+383.05%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signatures, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-61.02%)
vim-syntax-yara: A Vim syntax-highlighting file for YARA rules
Stars: ✭ 26 (-55.93%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+8728.81%)
apooxml: Generate YARA rules for OOXML documents.
Stars: ✭ 34 (-42.37%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-57.63%)
factual-rules-generator: Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (+5.08%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+523.73%)
Hyara: Yara rule making tool (IDA Pro & Binary Ninja & Cutter Plugin)
Stars: ✭ 142 (+140.68%)
Malware Ioc: Indicators of Compromise (IOC) of our various investigations
Stars: ✭ 955 (+1518.64%)
YaraSharp: C# wrapper around the Yara pattern matching library
Stars: ✭ 29 (-50.85%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+408.47%)
yara: Malice Yara Plugin
Stars: ✭ 27 (-54.24%)
ImHex-Patterns: Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Stars: ✭ 192 (+225.42%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+347.46%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-47.46%)
threat-intel: Signatures and IoCs from public Volexity blog posts.
Stars: ✭ 130 (+120.34%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+737.29%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-77.97%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+1350.85%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-74.58%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+700%)
yaramanager: Simple yara rule manager
Stars: ✭ 60 (+1.69%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-42.37%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+555.93%)
python-icap-yara: An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (-15.25%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+1247.46%)
yara-rust: Rust bindings for VirusTotal/Yara
Stars: ✭ 35 (-40.68%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+496.61%)
swisscheese: Exploits for YARA 3.7.1 & 3.8.1
Stars: ✭ 26 (-55.93%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+1593.22%)
yara-validator: Validates yara rules and tries to repair the broken ones.
Stars: ✭ 37 (-37.29%)
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Stars: ✭ 321 (+444.07%)
detection: Detection in the form of Yara, Snort and ClamAV signatures.
Stars: ✭ 70 (+18.64%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+1088.14%)
r2yara: r2yara - Module for Yara using radare2 information
Stars: ✭ 30 (-49.15%)
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Stars: ✭ 283 (+379.66%)
yara-forensics: Set of Yara rules for finding files using magic headers
Stars: ✭ 115 (+94.92%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-50.85%)
binlex: A Binary Genetic Traits Lexer Framework
Stars: ✭ 303 (+413.56%)
S1EM: This project is a SIEM with SIRP and Threat Intel, all in one.
Stars: ✭ 270 (+357.63%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-33.9%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-22.03%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-35.59%)
Iocs: IoC's, PCRE's, YARA's etc
Stars: ✭ 15 (-74.58%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+454.24%)