Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: yara
vthib/boreal
Safe and performant YARA rules evaluator
Language: Rust - Size: 4.13 MB - Last synced: about 5 hours ago - Pushed: about 6 hours ago - Stars: 39 - Forks: 3
horsicq/YARA-sort
Yara sort
Language: YARA - Size: 891 KB - Last synced: about 6 hours ago - Pushed: about 6 hours ago - Stars: 11 - Forks: 6
reversinglabs/reversinglabs-yara-rules
ReversingLabs YARA Rules
Language: YARA - Size: 499 KB - Last synced: about 18 hours ago - Pushed: about 19 hours ago - Stars: 697 - Forks: 101
Neo23x0/Loki
Loki - Simple IOC and YARA Scanner
Language: Python - Size: 67.6 MB - Last synced: about 19 hours ago - Pushed: 2 months ago - Stars: 3,249 - Forks: 575
InQuest/ThreatIngestor
Extract and aggregate threat intelligence.
Language: Python - Size: 1.65 MB - Last synced: 1 day ago - Pushed: 3 months ago - Stars: 790 - Forks: 133
VirusTotal/yara
The pattern matching swiss knife
Language: C - Size: 22.4 MB - Last synced: 2 days ago - Pushed: 3 days ago - Stars: 7,703 - Forks: 1,395
williamaiworld/loki-app
Loki - Simple IOC and YARA Scanner
Language: Python - Size: 67.5 MB - Last synced: 2 days ago - Pushed: about 2 months ago - Stars: 0 - Forks: 0
InQuest/awesome-yara
A curated list of awesome YARA rules, tools, and people.
Size: 441 KB - Last synced: 2 days ago - Pushed: about 1 month ago - Stars: 3,267 - Forks: 469
eset/malware-ioc
Indicators of Compromise (IOC) of our various investigations
Language: YARA - Size: 1.55 MB - Last synced: 3 days ago - Pushed: about 1 month ago - Stars: 1,506 - Forks: 252
CybercentreCanada/CCCS-Yara
YARA rule metadata specification and validation utility / Specification and validation for YARA rules
Language: Python - Size: 278 KB - Last synced: 3 days ago - Pushed: 4 days ago - Stars: 90 - Forks: 20
Hugal31/yara-rust
Rust bindings for VirusTotal/Yara
Language: Rust - Size: 699 KB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 68 - Forks: 30
hillu/go-yara
Go bindings for YARA
Language: Go - Size: 287 KB - Last synced: 4 days ago - Pushed: 5 days ago - Stars: 345 - Forks: 111
a-sarja/Revisor
Revisor is a multi-AV file analyzer used to determine whether a file is malicious or not. It is integrated with Virus Total and ClamAV. It also provides crowd sourced Yara rules to identify the malware file.
Language: Python - Size: 1.18 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 5 - Forks: 0
airbnb/binaryalert
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Language: Python - Size: 38 MB - Last synced: 2 days ago - Pushed: 5 months ago - Stars: 1,380 - Forks: 201
rednaga/APKiD
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Language: YARA - Size: 9.82 MB - Last synced: 4 days ago - Pushed: 7 days ago - Stars: 1,906 - Forks: 284
mitre/multiscanner
Modular file scanning/analysis framework
Language: Python - Size: 6.08 MB - Last synced: 3 days ago - Pushed: over 4 years ago - Stars: 611 - Forks: 125
t4d/PhishingKit-Yara-Rules
Repository of Yara rules dedicated to Phishing Kits Zip files
Language: YARA - Size: 363 KB - Last synced: 5 days ago - Pushed: 5 days ago - Stars: 178 - Forks: 35
cristianzsh/freki
Malware analysis platform
Language: YARA - Size: 13.8 MB - Last synced: 2 days ago - Pushed: 3 months ago - Stars: 408 - Forks: 58
horsicq/DIE-engine
DIE engine
Language: C++ - Size: 59.5 MB - Last synced: 9 days ago - Pushed: 9 days ago - Stars: 2,116 - Forks: 306
audibleblink/all-yar-secrets
Yara rules for finding secrets
Language: YARA - Size: 172 KB - Last synced: 9 days ago - Pushed: almost 4 years ago - Stars: 7 - Forks: 2
usualsuspect/yara_vt_mock
Emulates the VirusTotal "vt" YARA module for livehunt rule debugging/testing
Language: C - Size: 62.5 KB - Last synced: 9 days ago - Pushed: 12 months ago - Stars: 21 - Forks: 2
wesinator/codemirror-yara
YARA highlighting mode for CodeMirror
Language: JavaScript - Size: 4.88 KB - Last synced: 9 days ago - Pushed: about 4 years ago - Stars: 0 - Forks: 0
corumir/YARA-Class-1
Hidden Secrets of Files with YARA Part I
Size: 486 KB - Last synced: 10 days ago - Pushed: about 4 years ago - Stars: 0 - Forks: 0
corumir/Aftertale
Language: Python - Size: 1000 Bytes - Last synced: 10 days ago - Pushed: about 7 years ago - Stars: 0 - Forks: 1
DBHeise/YaraPerfTest
Yara Rule-Performance Testing harness
Language: Go - Size: 46.9 KB - Last synced: 10 days ago - Pushed: 4 months ago - Stars: 4 - Forks: 1
WerWolv/ImHex-Patterns
Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Language: Rust - Size: 12.1 MB - Last synced: 9 days ago - Pushed: 11 days ago - Stars: 535 - Forks: 146
target/strelka
Real-time, container-based file scanning at enterprise scale
Language: Python - Size: 20.9 MB - Last synced: 9 days ago - Pushed: 11 days ago - Stars: 799 - Forks: 105
JPCERTCC/YAMA
Yet Another Memory Analyzer for malware detection
Language: C++ - Size: 460 KB - Last synced: 11 days ago - Pushed: 11 days ago - Stars: 166 - Forks: 81
FrodeHus/ludvig
Security scanner using YARA
Language: Python - Size: 404 KB - Last synced: 12 days ago - Pushed: 12 days ago - Stars: 13 - Forks: 1
evilsocket/sauron
A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.
Language: Rust - Size: 52.7 KB - Last synced: 9 days ago - Pushed: over 1 year ago - Stars: 188 - Forks: 12
hillu/yara-rules-re
Tools for inspecting YARA bytecode
Language: C - Size: 7.81 KB - Last synced: 9 days ago - Pushed: almost 4 years ago - Stars: 15 - Forks: 2
VirusTotal/yara-python
The Python interface for YARA
Language: C - Size: 306 KB - Last synced: 2 days ago - Pushed: about 2 months ago - Stars: 623 - Forks: 178
seanpm2001/SNU_2D_ProgrammingTools_IDE_YARA
The YARA Programming language IDE submodule for SNU Programming Tools.
Language: YARA - Size: 367 KB - Last synced: 13 days ago - Pushed: over 1 year ago - Stars: 2 - Forks: 1
seanpm2001/Linux_Defender_YARA_CVE_Database
The YARA CVE database for the Linux Defender anti-virus program.
Language: YARA - Size: 650 KB - Last synced: 13 days ago - Pushed: about 1 year ago - Stars: 2 - Forks: 1
Xumeiquer/yara-forensics
Set of Yara rules for finding files using magics headers
Language: YARA - Size: 74.2 KB - Last synced: 9 days ago - Pushed: over 3 years ago - Stars: 134 - Forks: 24
avast/yls
YARA Language Server
Language: Python - Size: 1.27 MB - Last synced: about 17 hours ago - Pushed: 26 days ago - Stars: 65 - Forks: 13
Automattic/node-yara Fork of miguelxpn/node-yara
YARA support for Node.js
Language: C++ - Size: 16.8 MB - Last synced: 1 day ago - Pushed: 2 months ago - Stars: 5 - Forks: 1
bartblaze/FARA
Repository that contains a set of purposefully erroneous Yara rules.
Language: YARA - Size: 16.6 KB - Last synced: 4 days ago - Pushed: 4 months ago - Stars: 46 - Forks: 2
petabi/yaraio
Yara rule reader/writer
Language: Rust - Size: 10.7 KB - Last synced: 17 days ago - Pushed: about 3 years ago - Stars: 1 - Forks: 1
c3rb3ru5d3d53c/binlex
A Binary Genetic Traits Lexer Framework
Language: C++ - Size: 16.8 MB - Last synced: 9 days ago - Pushed: 6 months ago - Stars: 383 - Forks: 45
deepfence/YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Language: Go - Size: 12.4 MB - Last synced: 19 days ago - Pushed: 20 days ago - Stars: 1,229 - Forks: 153
stellarbear/YaraSharp
C# wrapper around the Yara pattern matching library
Language: C - Size: 23.8 MB - Last synced: 12 days ago - Pushed: over 2 years ago - Stars: 32 - Forks: 7
imp0rtp3/Yobi
Yara Based Detection Engine for web browsers
Language: JavaScript - Size: 808 KB - Last synced: 20 days ago - Pushed: over 2 years ago - Stars: 46 - Forks: 5
InQuest/ThreatKB
Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Language: JavaScript - Size: 28.7 MB - Last synced: 10 days ago - Pushed: 10 days ago - Stars: 92 - Forks: 18
google/threat-team
IOCs from Threat Analysis Group (TAG)
Language: YARA - Size: 40 KB - Last synced: 2 days ago - Pushed: 3 months ago - Stars: 12 - Forks: 0
weaweawe01/go_yara_scan
go yara scan file
Language: YARA - Size: 102 KB - Last synced: 25 days ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
zerofox-oss/phish-kit-yara
A yara module to aid in identifying phishing kits.
Language: C - Size: 77.1 KB - Last synced: 25 days ago - Pushed: over 1 year ago - Stars: 2 - Forks: 2
InQuest/iocextract
Defanged Indicator of Compromise (IOC) Extractor.
Language: Python - Size: 825 KB - Last synced: 25 days ago - Pushed: 5 months ago - Stars: 485 - Forks: 88
87owo/PYAS
Python Antivirus Software
Language: Python - Size: 935 MB - Last synced: 24 days ago - Pushed: 24 days ago - Stars: 107 - Forks: 18
radareorg/r2yara
yara and radare2, better together
Language: C - Size: 80.1 KB - Last synced: 27 days ago - Pushed: about 2 months ago - Stars: 8 - Forks: 0
Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools
Language: YARA - Size: 38.2 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 2,315 - Forks: 585
jstrosch/subcrawl Fork of hpthreatresearch/subcrawl
SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data with optional output modules, such as Elastic.
Language: Python - Size: 12 MB - Last synced: 4 days ago - Pushed: 4 days ago - Stars: 36 - Forks: 4
dweinstein/yara-insp
util to inspect a compiled yara rules file
Language: C - Size: 5.86 KB - Last synced: 26 days ago - Pushed: about 7 years ago - Stars: 1 - Forks: 1
InQuest/yara-rules
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Language: Python - Size: 22.6 MB - Last synced: 25 days ago - Pushed: almost 2 years ago - Stars: 355 - Forks: 54
ditekshen/detection
Detection in the form of Yara, Snort and ClamAV signatures.
Language: YARA - Size: 1.66 MB - Last synced: 27 days ago - Pushed: 2 months ago - Stars: 183 - Forks: 38
volexity/threat-intel
Signatures and IoCs from public Volexity blog posts.
Language: Python - Size: 912 KB - Last synced: 28 days ago - Pushed: 28 days ago - Stars: 255 - Forks: 51
selsocono/facefishconfig
The utility receives configuration data from the FaceFish rootkit, which is encrypted with the Blowfish algorithm.
Language: Dockerfile - Size: 5.86 KB - Last synced: 28 days ago - Pushed: 29 days ago - Stars: 0 - Forks: 0
boz3r/yara-rules-repo
The collection of YARA rules to perform malware threat hunting and detection.
Language: YARA - Size: 66.4 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 0
t4d/PhishingKit-Yara-Search
Yara scan Phishing Kit's Zip archive(s)
Language: Python - Size: 22.5 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 50 - Forks: 11
cloudina/hawk
Multi Cloud Antivirus Scanning API using YARA and CLAMAV for AWS S3, Azure Blob Storage and GCP Cloud Storage
Language: Go - Size: 47.9 KB - Last synced: about 1 month ago - Pushed: 4 months ago - Stars: 14 - Forks: 1
dyussekeyev/thamara
THAMARA - Threat Hunting with AMSI and YARA
Language: C - Size: 14 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 1 - Forks: 1
Fadavvi/Yara-Repo
A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-systems.com/
Language: Shell - Size: 104 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 25 - Forks: 3
Yara-Rules/yara-endpoint
Yara-Endpoint is a tool useful for incident response as well as anti-malware endpoint based on Yara signatures.
Language: Go - Size: 3.23 MB - Last synced: 20 days ago - Pushed: about 6 years ago - Stars: 103 - Forks: 32
deadbits/yara-rules
Collection of YARA signatures from individual research
Language: YARA - Size: 191 KB - Last synced: about 1 month ago - Pushed: 6 months ago - Stars: 40 - Forks: 9
spyre-project/spyre
simple YARA-based IOC scanner
Language: Go - Size: 387 KB - Last synced: about 1 month ago - Pushed: 2 months ago - Stars: 158 - Forks: 27
gormaniac/yarastorm
A Storm service that facilitates Yara scanning from a Synapse Cortex
Language: Python - Size: 2.68 MB - Last synced: 8 days ago - Pushed: 10 months ago - Stars: 4 - Forks: 0
avast/yari
YARI is an interactive debugger for YARA Language.
Language: Rust - Size: 579 KB - Last synced: 18 days ago - Pushed: 18 days ago - Stars: 85 - Forks: 9
CIRCL/factual-rules-generator
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Language: Python - Size: 3.2 MB - Last synced: 24 days ago - Pushed: over 2 years ago - Stars: 72 - Forks: 6
plyara/plyara
Parse YARA rules and operate over them more easily.
Language: Python - Size: 481 KB - Last synced: about 20 hours ago - Pushed: 6 months ago - Stars: 169 - Forks: 35
bartblaze/Yara-rules
Collection of private Yara rules.
Language: YARA - Size: 208 KB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 294 - Forks: 53
hyuunnn/Hyara
Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)
Language: Python - Size: 8.23 MB - Last synced: about 1 month ago - Pushed: about 1 month ago - Stars: 212 - Forks: 45
EmersonElectricCo/fsf
File Scanning Framework
Language: Python - Size: 1.1 MB - Last synced: about 1 month ago - Pushed: over 2 years ago - Stars: 281 - Forks: 49
marirs/dedupe_yara_rule-rs
Dedupe yara rules - Rust version
Language: Rust - Size: 4.43 MB - Last synced: about 1 month ago - Pushed: about 2 years ago - Stars: 0 - Forks: 1
AdamWhiteHat/Judge-Jury-and-Executable
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Language: C# - Size: 27 MB - Last synced: 8 days ago - Pushed: about 2 months ago - Stars: 77 - Forks: 13
infosec-intern/vscode-yara
VSCode extension for the YARA pattern matching language
Language: TypeScript - Size: 1.98 MB - Last synced: 21 days ago - Pushed: 4 months ago - Stars: 60 - Forks: 14
BayshoreNetworks/yextend
Yara integrated software to handle archive file data.
Language: C++ - Size: 102 MB - Last synced: 20 days ago - Pushed: about 2 years ago - Stars: 291 - Forks: 58
michelcrypt4d4mus/yaralyzer
Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.
Language: Python - Size: 12.6 MB - Last synced: 20 days ago - Pushed: about 1 month ago - Stars: 100 - Forks: 13
cedricbonhomme/pyHIDS
A HIDS (host-based intrusion detection system) for verifying the integrity of a system.
Language: Python - Size: 778 KB - Last synced: 9 days ago - Pushed: 28 days ago - Stars: 49 - Forks: 15
RootMiner/YaraGuard
YaraGuard is an advanced malware analysis tool designed to empower users in the relentless pursuit of securing digital environments. At its core, YaraGuard utilizes YARA rules, providing a sophisticated and effective means of scanning files for potential threats.
Language: YARA - Size: 12.6 MB - Last synced: 16 days ago - Pushed: 3 months ago - Stars: 4 - Forks: 2
jvoisin/php-malware-finder 📦
Detect potentially malicious PHP files
Language: PHP - Size: 3.58 MB - Last synced: about 1 month ago - Pushed: 7 months ago - Stars: 1,452 - Forks: 283
elastic/siglearn
Code for BH21 talk: "Generating YARA Rules by Classifying Malicious Byte Sequences"
Language: YARA - Size: 22 MB - Last synced: 28 days ago - Pushed: over 2 years ago - Stars: 12 - Forks: 5
MISP/yara-misp
Export MISP attributes in Yara
Language: Python - Size: 5.86 KB - Last synced: about 2 months ago - Pushed: over 6 years ago - Stars: 12 - Forks: 2
mtnmunuklu/alterix
Converts Sigma and Yara rules
Language: Go - Size: 4.51 MB - Last synced: 27 days ago - Pushed: about 2 months ago - Stars: 14 - Forks: 3
D3vKn1ght/yara-dll Fork of VirusTotal/yara
Dll for yara
Language: C - Size: 162 MB - Last synced: about 2 months ago - Pushed: 8 months ago - Stars: 0 - Forks: 0
lprat/static_file_analysis
Analysis of file (doc, pdf, exe, ...) in deep (embedded file(s)) with clamscan and yara rules
Language: YARA - Size: 9.26 MB - Last synced: about 1 month ago - Pushed: 8 months ago - Stars: 47 - Forks: 11
curated-intel/Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
Language: YARA - Size: 4.44 MB - Last synced: about 1 month ago - Pushed: 11 months ago - Stars: 908 - Forks: 98
roadwy/DefenderYara
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Language: YARA - Size: 36.4 MB - Last synced: about 2 months ago - Pushed: about 2 months ago - Stars: 67 - Forks: 21
advanced-threat-research/Yara-Rules
Repository of YARA rules made by Trellix ATR Team
Language: YARA - Size: 378 KB - Last synced: about 2 months ago - Pushed: 5 months ago - Stars: 526 - Forks: 80
pseudo-security/slacksecrets
Scans Slack for API tokens, credentials, passwords, and more using YARA rules
Language: Python - Size: 43.9 KB - Last synced: about 1 month ago - Pushed: about 3 years ago - Stars: 35 - Forks: 8
PUNCH-Cyber/stoq
An open source framework for enterprise level automated analysis.
Language: Python - Size: 5.36 MB - Last synced: 17 days ago - Pushed: almost 2 years ago - Stars: 394 - Forks: 55
RamadhanAmizudin/python-icap-yara
An ICAP Server with yara scanner for URL and content.
Language: Python - Size: 15.6 KB - Last synced: 24 days ago - Pushed: over 2 years ago - Stars: 56 - Forks: 13
pressidium/pressidium-yara-rules
Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.
Language: YARA - Size: 58.6 KB - Last synced: about 2 months ago - Pushed: 6 months ago - Stars: 6 - Forks: 0
Neo23x0/Loki2
LOKI2 - Simple IOC and YARA Scanner
Language: Rust - Size: 2.09 MB - Last synced: 2 months ago - Pushed: 12 months ago - Stars: 67 - Forks: 8
threatlabz/iocs
This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports
Language: YARA - Size: 163 KB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 59 - Forks: 11
umutsevdi/pds
Machine Learning and Regex Matching based Phishing Detection System with a phishing attack scenario
Language: HTML - Size: 36.9 MB - Last synced: 2 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1
CERT-Polska/mquery
YARA malware query accelerator (web frontend)
Language: Python - Size: 8.21 MB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 399 - Forks: 75
s3rvac/vim-syntax-yara
A Vim syntax highlighting for YARA rules
Language: Vim Script - Size: 64.5 KB - Last synced: about 1 month ago - Pushed: 2 months ago - Stars: 29 - Forks: 6
YARA-Silly-Silly/yarasilly2
Automatic generation of YARA rules from sample files.
Language: Python - Size: 317 KB - Last synced: 7 days ago - Pushed: 7 days ago - Stars: 26 - Forks: 3
V1D1AN/S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
Language: Shell - Size: 10.7 MB - Last synced: 2 months ago - Pushed: 4 months ago - Stars: 382 - Forks: 72
nyx0/YaraSyntax
YARA package for Sublime Text
Language: YARA - Size: 108 KB - Last synced: 3 days ago - Pushed: over 1 year ago - Stars: 19 - Forks: 9