Icewater: 16,432 Free Yara rules created by
Stars: ✭ 324 (+56.52%)
Ghidra scripts: Scripts for the Ghidra software reverse engineering suite.
Stars: ✭ 732 (+253.62%)
freki: 🐺 Malware analysis platform
Stars: ✭ 327 (+57.97%)
Masc: A Web Malware Scanner
Stars: ✭ 74 (-64.25%)
Threatingestor: Extract and aggregate threat intelligence.
Stars: ✭ 439 (+112.08%)
Walkoff Apps: WALKOFF-enabled applications. #nsacyber
Stars: ✭ 125 (-39.61%)
Freki: 🐺 Malware analysis platform
Stars: ✭ 285 (+37.68%)
Rpot: Real-time Packet Observation Tool
Stars: ✭ 38 (-81.64%)
Holmes Totem: Investigation Planner for fast running analysis with predictable execution time. For example, static analysis.
Stars: ✭ 25 (-87.92%)
static file analysis: Analysis of file (doc, pdf, exe, ...) in deep (embedded file(s)) with clamscan and yara rules
Stars: ✭ 34 (-83.57%)
Lw Yara: Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
Stars: ✭ 78 (-62.32%)
Threathunting: Tools for hunting for threats.
Stars: ✭ 153 (-26.09%)
Yara: The pattern matching swiss knife
Stars: ✭ 5,209 (+2416.43%)
Balbuzard: Balbuzard is a package of malware analysis tools in Python to extract patterns of interest from suspicious files (IP addresses, domain names, known file headers, interesting strings, etc). It can also crack malware obfuscation such as XOR, ROL, etc. by bruteforcing and checking for those patterns.
Stars: ✭ 70 (-66.18%)
Yara Python: The Python interface for YARA
Stars: ✭ 368 (+77.78%)
Python Iocextract: Defanged Indicator of Compromise (IOC) Extractor.
Stars: ✭ 300 (+44.93%)
Pecli: CLI tool to analyze PE files
Stars: ✭ 46 (-77.78%)
Mquery: YARA malware query accelerator (web frontend)
Stars: ✭ 264 (+27.54%)
Analyzer: 🔍 Offline Analyzer for extracting features, artifacts and IoCs from Windows, Linux, Android, iPhone, Blackberry, macOS binaries, emails and more
Stars: ✭ 108 (-47.83%)
MeltingPot: A tool to cluster similar executables (PEs, DEXs, etc.), extract common signature, and generate Yara patterns for malware detection.
Stars: ✭ 23 (-88.89%)
Malware Ioc: Indicators of Compromises (IOC) of our various investigations
Stars: ✭ 955 (+361.35%)
Didierstevenssuite: Please no pull requests for this repository. Thanks!
Stars: ✭ 856 (+313.53%)
YaraSyntax: YARA package for Sublime Text
Stars: ✭ 15 (-92.75%)
Signature Base: Signature base for my scanner tools
Stars: ✭ 1,212 (+485.51%)
Yargen: yarGen is a generator for YARA rules
Stars: ✭ 795 (+284.06%)
Yaraguardian: Django web interface for managing Yara rules
Stars: ✭ 156 (-24.64%)
Manalyze: A static analyzer for PE executables.
Stars: ✭ 701 (+238.65%)
Yara Endpoint: Yara-Endpoint is a tool useful for incident response as well as anti-malware endpoint based on Yara signatures.
Stars: ✭ 75 (-63.77%)
Multiscanner: Modular file scanning/analysis framework
Stars: ✭ 494 (+138.65%)
Ursadb: Trigram database written in C++, suited for malware indexing
Stars: ✭ 72 (-65.22%)
Peframe: PEframe is an open source tool to perform static analysis on Portable Executable malware and malicious MS Office documents.
Stars: ✭ 472 (+128.02%)
Iocs: Sophos-originated indicators-of-compromise from published reports
Stars: ✭ 128 (-38.16%)
Strelka: Real-time, container-based file scanning at enterprise scale
Stars: ✭ 387 (+86.96%)
Binaryalert: BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Stars: ✭ 1,125 (+443.48%)
Stoq: An open source framework for enterprise level automated analysis.
Stars: ✭ 352 (+70.05%)
Hamburglar: Hamburglar -- collect useful information from urls, directories, and files
Stars: ✭ 321 (+55.07%)
Yarasigs: Various Yara signatures (possibly to be included in a release later).
Stars: ✭ 59 (-71.5%)
Yara Rules: Repository of YARA rules made by McAfee ATR Team
Stars: ✭ 283 (+36.71%)
Plyara: Parse YARA rules and operate over them more easily.
Stars: ✭ 108 (-47.83%)
Apkid: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Stars: ✭ 999 (+382.61%)
Yobi: Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-81.16%)
Dailyioc: IOC from articles, tweets for archives
Stars: ✭ 167 (-19.32%)
yarasploit: YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Stars: ✭ 31 (-85.02%)
Binjadock: An extendable, tabbed, dockable UI widget plugin for BinaryNinja https://binary.ninja.
Stars: ✭ 34 (-83.57%)
yara-rules: Yara rules written by me, for free use.
Stars: ✭ 13 (-93.72%)
Awesome Yara: A curated list of awesome YARA rules, tools, and people.
Stars: ✭ 1,394 (+573.43%)
Operation Wocao: Operation Wocao - Indicators of Compromise
Stars: ✭ 29 (-85.99%)
Yara Rules: A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Stars: ✭ 206 (-0.48%)
Go Yara: Go bindings for YARA
Stars: ✭ 198 (-4.35%)
Loki: Loki - Simple IOC and Incident Response Scanner
Stars: ✭ 2,217 (+971.01%)
Iocs: IoC's, PCRE's, YARA's etc
Stars: ✭ 15 (-92.75%)