GitHub topics: yara

5kidRo0t/VenomStrike

VenomStrike: A lightweight, blazing-fast malware scanner that identifies known threats via SHA-256, MD5 hashes and YARA rules. Confirms if a file is a known malware sample. No bloat — just raw speed, simplicity, and full portability.

Language: Python - Size: 85 KB - Last synced at: about 19 hours ago - Pushed at: 1 day ago - Stars: 1 - Forks: 0

87owo/PYAS

Python Antivirus Software

Language: Python - Size: 1.24 GB - Last synced at: about 3 hours ago - Pushed at: 26 days ago - Stars: 160 - Forks: 26

google/threat-team

IOCs from Google Threat Intelligence

Language: YARA - Size: 111 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 32 - Forks: 3

eset/malware-ioc

Indicators of Compromise (IOC) of our various investigations

Language: YARA - Size: 1.83 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 1,775 - Forks: 269

Neo23x0/Loki

Loki - Simple IOC and YARA Scanner

Language: Python - Size: 68 MB - Last synced at: 4 days ago - Pushed at: 6 months ago - Stars: 3,541 - Forks: 599

horsicq/DIE-engine

DIE engine

Language: C++ - Size: 61 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 2,638 - Forks: 350

Neo23x0/signature-base

YARA signature and IOC database for my scanners and tools

Language: YARA - Size: 39.2 MB - Last synced at: 4 days ago - Pushed at: 9 days ago - Stars: 2,629 - Forks: 631

WerWolv/ImHex-Patterns

Hex patterns, include patterns and magic files for use with the ImHex Hex Editor

Language: Rust - Size: 17.9 MB - Last synced at: 4 days ago - Pushed at: 7 days ago - Stars: 790 - Forks: 227

VirusTotal/yara

The pattern matching swiss knife

Language: C - Size: 22.9 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 8,786 - Forks: 1,494

horsicq/YARA-sort

Yara sort

Language: YARA - Size: 992 KB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 14 - Forks: 6

Lasara26/Attack-Detection-with-Machine-Learning

This project focuses on detecting cyber attacks using machine learning techniques. It employs various algorithms to analyze network traffic and identify potential threats in real-time.

Language: Python - Size: 2.37 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 0 - Forks: 0

Neo23x0/yaraQA

YARA rule analyzer to improve rule quality and performance

Language: Python - Size: 8.11 MB - Last synced at: 4 days ago - Pushed at: about 2 months ago - Stars: 101 - Forks: 6

deepfence/YaraHunter

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

Language: Go - Size: 12.5 MB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 1,313 - Forks: 155

FrodeHus/ludvig

Security scanner using YARA

Language: Python - Size: 409 KB - Last synced at: 8 days ago - Pushed at: 8 days ago - Stars: 16 - Forks: 2

soluzka/antivirus

fully equip UltraEncabulator AV

Language: Python - Size: 17.9 MB - Last synced at: 3 days ago - Pushed at: 17 days ago - Stars: 3 - Forks: 1

Raspirus/raspirus

A user- and resources-friendly rules-based malware scanner

Language: Rust - Size: 21.6 MB - Last synced at: 8 days ago - Pushed at: about 1 month ago - Stars: 177 - Forks: 10

airbnb/binaryalert

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Language: Python - Size: 38 MB - Last synced at: about 19 hours ago - Pushed at: over 1 year ago - Stars: 1,426 - Forks: 185

Neo23x0/yarGen

yarGen is a generator for YARA rules

Language: Python - Size: 1.16 MB - Last synced at: 10 days ago - Pushed at: about 2 months ago - Stars: 1,645 - Forks: 295

stellarbear/YaraSharp

C# wrapper around the Yara pattern matching library

Language: C - Size: 23.8 MB - Last synced at: 2 days ago - Pushed at: over 3 years ago - Stars: 40 - Forks: 9

volexity/threat-intel

Signatures and IoCs from public Volexity blog posts.

Language: Python - Size: 969 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 354 - Forks: 58

TrustSource/ts-scan

One scanner integrating several capabilities across different environments

Language: Python - Size: 1.38 MB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 2 - Forks: 3

t4d/PhishingKit-Yara-Rules

Repository of Yara rules dedicated to Phishing Kits Zip files

Language: YARA - Size: 403 KB - Last synced at: 11 days ago - Pushed at: 11 days ago - Stars: 217 - Forks: 36

InQuest/ThreatIngestor

Extract and aggregate threat intelligence.

Language: Python - Size: 1.65 MB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 865 - Forks: 137

wgpsec/whohk

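whohk, a powerful incident response tool for Linux. Incident response on Linux often means checking each point of interest through tedious command lines, and sometimes the output also needs reformatting, which is unfriendly to people who are not very familiar with Linux commands. This tool gathers the operations commonly used in Linux incident response and presents their output in a friendlier format; a single parameter replaces the tedious, complex commands needed to check each point.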

Language: YARA - Size: 5.31 MB - Last synced at: 8 days ago - Pushed at: over 1 year ago - Stars: 554 - Forks: 69

CybercentreCanada/assemblyline-service-yara

Assemblyline 4 Yara signature and Post tag processing services

Language: Python - Size: 407 KB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 4 - Forks: 5

rednaga/APKiD

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Language: YARA - Size: 9.91 MB - Last synced at: 12 days ago - Pushed at: 21 days ago - Stars: 2,212 - Forks: 309

EgeBalci/deoptimizer

Evasion by machine code de-optimization.

Language: Rust - Size: 3.69 MB - Last synced at: 9 days ago - Pushed at: 10 months ago - Stars: 379 - Forks: 25

selenagomez25/rattlesnake

Modern Minecraft mod scanner using YARA rules

Language: TypeScript - Size: 1.28 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 2 - Forks: 0

CERT-Polska/karton-yaramatcher

File and analysis artifacts yara matcher for Karton framework

Language: Python - Size: 565 KB - Last synced at: 10 days ago - Pushed at: almost 2 years ago - Stars: 6 - Forks: 9

target/strelka

Real-time, container-based file scanning at enterprise scale

Language: Python - Size: 29.2 MB - Last synced at: 12 days ago - Pushed at: 13 days ago - Stars: 921 - Forks: 122

avast/yari

YARI is an interactive debugger for YARA Language.

Language: Rust - Size: 541 KB - Last synced at: 6 days ago - Pushed at: 5 months ago - Stars: 87 - Forks: 9

uvasoftware/yara-language-nsfw

Lists of not-suitable-for-work words as YARA rules

Language: YARA - Size: 77.1 KB - Last synced at: about 3 hours ago - Pushed at: about 1 month ago - Stars: 29 - Forks: 6

VirusTotal/yara-python

The Python interface for YARA

Language: C - Size: 313 KB - Last synced at: 12 days ago - Pushed at: about 1 month ago - Stars: 690 - Forks: 186

cristianzsh/freki

🐺 Malware analysis platform

Language: YARA - Size: 13.8 MB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 442 - Forks: 56

InQuest/iocextract

Defanged Indicator of Compromise (IOC) Extractor.

Language: Python - Size: 777 KB - Last synced at: 18 days ago - Pushed at: 9 months ago - Stars: 530 - Forks: 92

hillu/go-yara

Go bindings for YARA

Language: Go - Size: 287 KB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 364 - Forks: 110

michelcrypt4d4mus/yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

Language: Python - Size: 13 MB - Last synced at: 13 days ago - Pushed at: 6 months ago - Stars: 124 - Forks: 14

CybercentreCanada/CCCS-Yara

YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA

Language: Python - Size: 265 KB - Last synced at: 8 days ago - Pushed at: 20 days ago - Stars: 104 - Forks: 21

mitre/multiscanner

Modular file scanning/analysis framework

Language: Python - Size: 6.08 MB - Last synced at: 8 days ago - Pushed at: over 5 years ago - Stars: 618 - Forks: 126

vthib/boreal

Safe and performant YARA rules evaluator in Rust

Language: Rust - Size: 5.11 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 48 - Forks: 2

jvoisin/php-malware-finder 📦

Detect potentially malicious PHP files

Language: PHP - Size: 3.58 MB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 1,477 - Forks: 284

InQuest/ThreatKB

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Language: JavaScript - Size: 28.7 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 102 - Forks: 18

XiAnzheng-ID/RansomPyShield-Antiransomware

RansomPyShield is a Tool to detect and stop Ransomware with Honeypot Technique, Yara Rules, and other stuff using Python

Language: Python - Size: 25.4 MB - Last synced at: 24 days ago - Pushed at: 24 days ago - Stars: 1 - Forks: 0

Neo23x0/Loki2

LOKI2 - Simple IOC and YARA Scanner

Language: Rust - Size: 2.09 MB - Last synced at: 4 days ago - Pushed at: 10 months ago - Stars: 93 - Forks: 10

kidrek/secubian

SECUBIAN is a French Linux distribution focused on evidence processing during Incident Response.

Language: Python - Size: 48.2 MB - Last synced at: 25 days ago - Pushed at: 25 days ago - Stars: 4 - Forks: 3

JPCERTCC/YAMA

Yet Another Memory Analyzer for malware detection

Language: C++ - Size: 463 KB - Last synced at: 12 days ago - Pushed at: about 2 months ago - Stars: 183 - Forks: 94

InQuest/awesome-yara

A curated list of awesome YARA rules, tools, and people.

Size: 282 KB - Last synced at: 25 days ago - Pushed at: 2 months ago - Stars: 3,794 - Forks: 512

reversinglabs/reversinglabs-yara-rules

ReversingLabs YARA Rules

Language: YARA - Size: 562 KB - Last synced at: 27 days ago - Pushed at: about 2 months ago - Stars: 816 - Forks: 110

advanced-threat-research/Yara-Rules

Repository of YARA rules made by Trellix ATR Team

Language: YARA - Size: 381 KB - Last synced at: 27 days ago - Pushed at: 3 months ago - Stars: 594 - Forks: 79

bartblaze/Yara-rules

Collection of private Yara rules.

Language: YARA - Size: 227 KB - Last synced at: 27 days ago - Pushed at: about 2 months ago - Stars: 354 - Forks: 56

InQuest/yara-rules

A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.

Language: Python - Size: 22.6 MB - Last synced at: 20 days ago - Pushed at: about 3 years ago - Stars: 375 - Forks: 52

spyre-project/spyre

simple YARA-based IOC scanner

Language: Go - Size: 350 KB - Last synced at: 8 days ago - Pushed at: 4 months ago - Stars: 169 - Forks: 28

gemesa/malware-analysis-toolkit

Setup guides for malware analysis tools such as Ghidra, INetSim, Suricata, Zeek, etc. on Fedora

Size: 28.3 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

cedricbonhomme/pyHIDS

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Language: Python - Size: 758 KB - Last synced at: 7 days ago - Pushed at: 3 months ago - Stars: 59 - Forks: 14

mpengin/zerocrumb-yara-rules

Yara Rules to detect the ZeroCrumb Chrome "Exploit"/Killchain

Language: YARA - Size: 16.6 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

tekn1nja69/grabIOC

Custom Python threat intelligence CLI tool for IOC extraction, YARA/Sigma scanning, and threat API enrichment.

Language: Python - Size: 74.2 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

SupportIntelligence/Icewater

16,432 Free Yara rules created by

Language: YARA - Size: 4.34 MB - Last synced at: 27 days ago - Pushed at: about 6 years ago - Stars: 383 - Forks: 58

Yara-Rules/yara-endpoint

Yara-Endpoint is a tool useful for incident response as well as an anti-malware endpoint based on Yara signatures.

Language: Go - Size: 3.23 MB - Last synced at: 28 days ago - Pushed at: about 7 years ago - Stars: 109 - Forks: 30

PUNCH-Cyber/YaraGuardian

Django web interface for managing Yara rules

Language: Python - Size: 831 KB - Last synced at: 27 days ago - Pushed at: almost 7 years ago - Stars: 192 - Forks: 39

roadwy/DefenderYara

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Language: YARA - Size: 78.2 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 404 - Forks: 66

V1D1AN/S1EM

This project is a SIEM with SIRP and Threat Intel, all in one.

Language: Shell - Size: 10.7 MB - Last synced at: about 1 month ago - Pushed at: 6 months ago - Stars: 434 - Forks: 84

fr0gger/Yara-Unprotect

This repository regroups the Yara Rules for the Unprotect Project

Language: YARA - Size: 201 KB - Last synced at: 27 days ago - Pushed at: over 4 years ago - Stars: 25 - Forks: 9

hyuunnn/Hyara

Yara rule making tool (IDA Pro & Binary Ninja & Cutter & Ghidra Plugin)

Language: Python - Size: 8.24 MB - Last synced at: 27 days ago - Pushed at: 8 months ago - Stars: 232 - Forks: 43

Hugal31/yara-rust

Rust bindings for VirusTotal/Yara

Language: Rust - Size: 713 KB - Last synced at: 25 days ago - Pushed at: 3 months ago - Stars: 76 - Forks: 28

radareorg/r2yara

yara and radare2, better together

Language: C - Size: 127 KB - Last synced at: 8 days ago - Pushed at: about 1 month ago - Stars: 25 - Forks: 5

skye-cyber/ThreatHunter

Capstone, radare, YARA rules based threat detection, malware detection. Analyze your files and folders for various known malware types.

Language: YARA - Size: 3.82 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

riccio8/ThreatLab

Collection of tools for security purposes

Language: Go - Size: 95.1 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 6 - Forks: 2

steffenfritz/FileTrove

FileTrove indexes files and creates metadata from them.

Language: Go - Size: 7.02 MB - Last synced at: 9 days ago - Pushed at: 9 days ago - Stars: 44 - Forks: 5

dennislee928/firmware-research-demo

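This project demonstrates hands-on exploration of firmware analysis, focusing mainly on: - 🧩 firmware unpacking with `binwalk` and `hexdump` 🧠 static string and pattern analysis with `Ghidra` 🧪 rule-based detection with `YARA` 🐳 Docker containerization and an automated analysis workflow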

Language: Shell - Size: 366 KB - Last synced at: 15 days ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

avast/yls

YARA Language Server

Language: Python - Size: 1.36 MB - Last synced at: 8 days ago - Pushed at: about 1 month ago - Stars: 71 - Forks: 11

mandiant/heyserial 📦

Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types

Language: YARA - Size: 56.3 MB - Last synced at: about 1 month ago - Pushed at: about 2 years ago - Stars: 142 - Forks: 20

CERT-Polska/mquery

YARA malware query accelerator (web frontend)

Language: Python - Size: 8.36 MB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 426 - Forks: 76

plyara/plyara

Parse YARA rules and operate over them more easily.

Language: Python - Size: 597 KB - Last synced at: 27 days ago - Pushed at: 4 months ago - Stars: 187 - Forks: 43

nblog/x64dbg-yaraScan

x64dbg-plugin Yara

Language: YARA - Size: 73.2 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 8 - Forks: 5

deadbits/pe-static 📦

Static file analysis for PE files

Language: Python - Size: 1.37 MB - Last synced at: 25 days ago - Pushed at: over 4 years ago - Stars: 13 - Forks: 7

ald3ns/copy-as-yara

This is a little plugin to copy disassembly in a way that is usable in YARA rules!

Language: Python - Size: 74.5 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 42 - Forks: 1

BayshoreNetworks/yextend

Yara integrated software to handle archive file data.

Language: C++ - Size: 102 MB - Last synced at: 27 days ago - Pushed at: about 3 years ago - Stars: 306 - Forks: 59

YARA-Silly-Silly/yarasilly2

Automatic generation of YARA rules from sample files.

Language: Python - Size: 280 KB - Last synced at: 27 days ago - Pushed at: about 2 months ago - Stars: 28 - Forks: 3

FrancoGarciaC9701/Malware-Analyzer-with-Python

Language: Python - Size: 29.3 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

PUNCH-Cyber/stoq

An open source framework for enterprise level automated analysis.

Language: Python - Size: 5.36 MB - Last synced at: 10 days ago - Pushed at: almost 3 years ago - Stars: 396 - Forks: 52

ThreatLabz/iocs

This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

Language: YARA - Size: 243 KB - Last synced at: about 2 months ago - Pushed at: 6 months ago - Stars: 72 - Forks: 10

aishwaryagm1999/Aircraft-Network-Security-using-YARA-Rules-and-Machine-Learning-for-Threat-Detection-and-Prevention

This project addresses cybersecurity in aviation by developing a machine learning-enhanced intrusion detection and prevention system (IDPS) for aircraft networks. Combining YARA-based signature detection with behavior-based (ML) anomaly detection, the system mitigates cyber threats in real-time, protecting aircraft from sophisticated attacks.

Language: Python - Size: 11.7 KB - Last synced at: about 2 months ago - Pushed at: 7 months ago - Stars: 1 - Forks: 0

Automattic/node-yara (fork of miguelxpn/node-yara)

YARA support for Node.js

Language: C++ - Size: 25.8 MB - Last synced at: 7 days ago - Pushed at: 4 months ago - Stars: 7 - Forks: 1

infosec-intern/vscode-yara

VSCode extension for the YARA pattern matching language

Language: TypeScript - Size: 1.98 MB - Last synced at: 27 days ago - Pushed at: over 1 year ago - Stars: 64 - Forks: 14

pressidium/pressidium-yara-rules

Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.

Language: YARA - Size: 58.6 KB - Last synced at: 9 days ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 0

sufyandaredevil/MALWARE_DEV

Repo containing different types of malware writing concepts

Language: C++ - Size: 242 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 7 - Forks: 0

Assaf-R/bervie

An eBPF security program that blocks the execution of files that were flagged as malicious by the given YARA detection rules. Named in convention with the other Scottish loch tools

Language: Python - Size: 6.84 KB - Last synced at: about 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

Xumeiquer/yara-forensics

Set of Yara rules for finding files using magic headers

Language: YARA - Size: 74.2 KB - Last synced at: 27 days ago - Pushed at: over 4 years ago - Stars: 137 - Forks: 21

seanthegeek/yaramail

A Python package and command line utility for scanning emails with YARA rules

Language: Python - Size: 6.33 MB - Last synced at: 2 days ago - Pushed at: 2 months ago - Stars: 20 - Forks: 4

evilsocket/sauron

A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.

Language: Rust - Size: 52.7 KB - Last synced at: about 2 months ago - Pushed at: almost 3 years ago - Stars: 224 - Forks: 12

m4pol/hunting-rules-repository

This repository contains a collection of threat hunting rules.

Language: YARA - Size: 80.1 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 0

deadbits/yara-rules 📦

Collection of YARA signatures from individual research

Language: YARA - Size: 191 KB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 44 - Forks: 9

EmersonElectricCo/fsf

File Scanning Framework

Language: Python - Size: 1.1 MB - Last synced at: 13 days ago - Pushed at: over 3 years ago - Stars: 292 - Forks: 45

wrayjustin/yaids

YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (IDS) utilizing Yara and multi-threading

Language: C - Size: 952 KB - Last synced at: 27 days ago - Pushed at: over 2 years ago - Stars: 23 - Forks: 7

pseudo-security/slacksecrets

Scans Slack for API tokens, credentials, passwords, and more using YARA rules

Language: Python - Size: 43.9 KB - Last synced at: 2 months ago - Pushed at: over 4 years ago - Stars: 39 - Forks: 5

Infinit3i/Detection-Wizard

Pulls yara, suricata, sigma, & splunk

Language: Rust - Size: 33.2 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

nchgroup/yarazo

mass scanner yara rule

Language: Python - Size: 18.6 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

dubfib/yara

Self-made YARA rules for malware research, detection, and analysis.

Language: YARA - Size: 71.3 KB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 0 - Forks: 0

bandrel/OCyara

Performs OCR on image files and scans them for matches to YARA rules

Language: Python - Size: 221 KB - Last synced at: 27 days ago - Pushed at: over 6 years ago - Stars: 41 - Forks: 8

mole-ids/mole

Yara powered NIDS with high speed packet capture powered by PF_RING

Language: Go - Size: 3.04 MB - Last synced at: about 1 month ago - Pushed at: about 1 year ago - Stars: 69 - Forks: 9