GitHub topics: yara

Repositories

InQuest/ThreatIngestor

Extract and aggregate threat intelligence.

Language: Python - Size: 1.65 MB - Last synced at: 13 minutes ago - Pushed at: about 1 year ago - Stars: 859 - Forks: 137

skye-cyber/ThreatHunter

Capstone,radare,YARA rules based threat detection, malware detection. Analyze your files and folders for various known malware types.

Language: YARA - Size: 3.82 MB - Last synced at: about 22 hours ago - Pushed at: about 23 hours ago - Stars: 1 - Forks: 0

tekn1nja69/grabIOC

Custom Python threat intelligence CLI tool for IOC extraction, YARA/Sigma scanning, and threat API enrichment.

Language: Python - Size: 21.5 KB - Last synced at: about 20 hours ago - Pushed at: about 23 hours ago - Stars: 0 - Forks: 0

horsicq/DIE-engine

DIE engine

Language: C++ - Size: 60.9 MB - Last synced at: 1 day ago - Pushed at: 2 days ago - Stars: 2,572 - Forks: 348

riccio8/ThreatLab

Collection of tools for security purpouse

Language: Go - Size: 95.1 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 6 - Forks: 2

horsicq/YARA-sort

Yara sort

Language: YARA - Size: 977 KB - Last synced at: 2 days ago - Pushed at: 3 days ago - Stars: 13 - Forks: 6

target/strelka

Real-time, container-based file scanning at enterprise scale

Language: Python - Size: 29.1 MB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 920 - Forks: 122

CERT-Polska/mquery

YARA malware query accelerator (web frontend)

Language: Python - Size: 8.36 MB - Last synced at: 13 minutes ago - Pushed at: about 1 month ago - Stars: 426 - Forks: 76

michelcrypt4d4mus/yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

Language: Python - Size: 13 MB - Last synced at: 2 days ago - Pushed at: 4 months ago - Stars: 120 - Forks: 14

eset/malware-ioc

Indicators of Compromises (IOC) of our various investigations

Language: YARA - Size: 1.81 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 1,755 - Forks: 267

Neo23x0/Loki

Loki - Simple IOC and YARA Scanner

Language: Python - Size: 68 MB - Last synced at: 2 days ago - Pushed at: 5 months ago - Stars: 3,516 - Forks: 596

bartblaze/Yara-rules

Collection of private Yara rules.

Language: YARA - Size: 224 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 352 - Forks: 56

nblog/x64dbg-yaraScan

x64dbg-plugin Yara

Language: YARA - Size: 73.2 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 8 - Forks: 5

gemesa/malware-analysis-toolkit

Setup guides for malware analysis tools such as Ghidra, INetSim, Suricata, Zeek, etc. on Fedora

Size: 27.3 KB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 1 - Forks: 0

ald3ns/copy-as-yara

This is a little plugin to copy disassembly in a way that is usable in YARA rules!

Language: Python - Size: 74.5 MB - Last synced at: 6 days ago - Pushed at: 6 days ago - Stars: 42 - Forks: 1

Raspirus/raspirus

A user- and resources-friendly rules-based malware scanner

Language: Rust - Size: 21.6 MB - Last synced at: 5 days ago - Pushed at: 17 days ago - Stars: 169 - Forks: 10

Neo23x0/signature-base

YARA signature and IOC database for my scanners and tools

Language: YARA - Size: 38.9 MB - Last synced at: 7 days ago - Pushed at: 22 days ago - Stars: 2,590 - Forks: 619

VirusTotal/yara

The pattern matching swiss knife

Language: C - Size: 22.8 MB - Last synced at: 7 days ago - Pushed at: 11 days ago - Stars: 8,686 - Forks: 1,486

EgeBalci/deoptimizer

Evasion by machine code de-optimization.

Language: Rust - Size: 3.69 MB - Last synced at: 8 days ago - Pushed at: 9 months ago - Stars: 373 - Forks: 24

WerWolv/ImHex-Patterns

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

Language: Rust - Size: 17.6 MB - Last synced at: 7 days ago - Pushed at: 27 days ago - Stars: 766 - Forks: 217

Neo23x0/yarGen

yarGen is a generator for YARA rules

Language: Python - Size: 1.16 MB - Last synced at: 7 days ago - Pushed at: 13 days ago - Stars: 1,625 - Forks: 291

Lasara26/Attack-Detection-with-Machine-Learning

This project focuses on detecting cyber attacks using machine learning techniques. It employs various algorithms to analyze network traffic and identify potential threats in real-time.

Language: Python - Size: 2.37 MB - Last synced at: 6 days ago - Pushed at: 8 days ago - Stars: 0 - Forks: 0

jvoisin/php-malware-finder 📦

Detect potentially malicious PHP files

Language: PHP - Size: 3.58 MB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 1,477 - Forks: 284

InQuest/awesome-yara

A curated list of awesome YARA rules, tools, and people.

Size: 282 KB - Last synced at: 8 days ago - Pushed at: 25 days ago - Stars: 3,758 - Forks: 509

deepfence/YaraHunter

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍

Language: Go - Size: 12.5 MB - Last synced at: 7 days ago - Pushed at: 9 days ago - Stars: 1,307 - Forks: 157

VirusTotal/yara-python

The Python interface for YARA

Language: C - Size: 300 KB - Last synced at: 8 days ago - Pushed at: 9 days ago - Stars: 686 - Forks: 185

Neo23x0/Loki2

LOKI2 - Simple IOC and YARA Scanner

Language: Rust - Size: 2.09 MB - Last synced at: 7 days ago - Pushed at: 9 months ago - Stars: 89 - Forks: 10

airbnb/binaryalert

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Language: Python - Size: 38 MB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 1,422 - Forks: 186

Neo23x0/yaraQA

YARA rule analyzer to improve rule quality and performance

Language: Python - Size: 8.11 MB - Last synced at: 7 days ago - Pushed at: 10 days ago - Stars: 98 - Forks: 6

YARA-Silly-Silly/yarasilly2

Automatic generation of YARA rules from sample files.

Language: Python - Size: 280 KB - Last synced at: 10 days ago - Pushed at: 10 days ago - Stars: 28 - Forks: 3

FrodeHus/ludvig

Security scanner using YARA

Language: Python - Size: 404 KB - Last synced at: 10 days ago - Pushed at: 12 months ago - Stars: 16 - Forks: 2

plyara/plyara

Parse YARA rules and operate over them more easily.

Language: Python - Size: 597 KB - Last synced at: 11 days ago - Pushed at: 2 months ago - Stars: 186 - Forks: 43

XiAnzheng-ID/RansomPyShield-Antiransomware

RansomPyShield is a Tool to detect and stop Ransomware with Honeypot Technique , Yara Rules , and other stuff using Python

Language: Python - Size: 11.6 MB - Last synced at: 12 days ago - Pushed at: 12 days ago - Stars: 1 - Forks: 0

FrancoGarciaC9701/Malware-Analyzer-with-Python

Language: Python - Size: 29.3 KB - Last synced at: 11 days ago - Pushed at: 12 days ago - Stars: 0 - Forks: 0

rednaga/APKiD

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Language: YARA - Size: 9.82 MB - Last synced at: 12 days ago - Pushed at: 22 days ago - Stars: 2,175 - Forks: 303

volexity/threat-intel

Signatures and IoCs from public Volexity blog posts.

Language: Python - Size: 942 KB - Last synced at: 10 days ago - Pushed at: 2 months ago - Stars: 352 - Forks: 56

ThreatLabz/iocs

This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

Language: YARA - Size: 243 KB - Last synced at: 10 days ago - Pushed at: 5 months ago - Stars: 72 - Forks: 10

InQuest/iocextract

Defanged Indicator of Compromise (IOC) Extractor.

Language: Python - Size: 777 KB - Last synced at: 9 days ago - Pushed at: 8 months ago - Stars: 526 - Forks: 92

JPCERTCC/YAMA

Yet Another Memory Analyzer for malware detection

Language: C++ - Size: 463 KB - Last synced at: 11 days ago - Pushed at: 13 days ago - Stars: 180 - Forks: 85

vthib/boreal

Safe and performant YARA rules evaluator in Rust

Language: Rust - Size: 5.12 MB - Last synced at: 13 days ago - Pushed at: 13 days ago - Stars: 46 - Forks: 2

87owo/PYAS

Python Antivirus Software

Language: Python - Size: 1.24 GB - Last synced at: 15 days ago - Pushed at: about 2 months ago - Stars: 157 - Forks: 24

t4d/PhishingKit-Yara-Rules

Repository of Yara rules dedicated to Phishing Kits Zip files

Language: YARA - Size: 1.01 MB - Last synced at: 15 days ago - Pushed at: 15 days ago - Stars: 215 - Forks: 34

aishwaryagm1999/Aircraft-Network-Security-using-YARA-Rules-and-Machine-Learning-for-Threat-Detection-and-Prevention

This project addresses cybersecurity in aviation by developing a machine learning-enhanced intrusion detection and prevention system (IDPS) for aircraft networks. Combining YARA-based signature detection with behavior-based (ML) anomaly detection, the system mitigates cyber threats in real-time, protecting aircraft from sophisticated attacks.

Language: Python - Size: 11.7 KB - Last synced at: 13 days ago - Pushed at: 6 months ago - Stars: 1 - Forks: 0

Automattic/node-yara Fork of miguelxpn/node-yara

YARA support for Node.js

Language: C++ - Size: 25.8 MB - Last synced at: about 7 hours ago - Pushed at: 2 months ago - Stars: 7 - Forks: 1

steffenfritz/FileTrove

FileTrove indexes files and creates metadata from them.

Language: Go - Size: 6.99 MB - Last synced at: 5 days ago - Pushed at: 5 days ago - Stars: 44 - Forks: 5

avast/yls

YARA Language Server

Language: Python - Size: 1.5 MB - Last synced at: 16 days ago - Pushed at: 17 days ago - Stars: 70 - Forks: 12

cristianzsh/freki

:wolf: Malware analysis platform

Language: YARA - Size: 13.8 MB - Last synced at: 10 days ago - Pushed at: about 1 year ago - Stars: 439 - Forks: 56

pressidium/pressidium-yara-rules

Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.

Language: YARA - Size: 58.6 KB - Last synced at: 2 days ago - Pushed at: over 1 year ago - Stars: 13 - Forks: 0

CybercentreCanada/CCCS-Yara

YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA

Language: Python - Size: 253 KB - Last synced at: 16 days ago - Pushed at: 24 days ago - Stars: 102 - Forks: 21

Yara-Rules/yara-endpoint

Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.

Language: Go - Size: 3.23 MB - Last synced at: 12 days ago - Pushed at: about 7 years ago - Stars: 108 - Forks: 30

sufyandaredevil/MALWARE_DEV

Repo containing different types of malware writing concepts

Language: C++ - Size: 242 KB - Last synced at: 20 days ago - Pushed at: 20 days ago - Stars: 7 - Forks: 0

TrustSource/ts-scan

One scanner integrating several capabilities across different environments

Language: Python - Size: 1.38 MB - Last synced at: 6 days ago - Pushed at: 20 days ago - Stars: 2 - Forks: 3

wgpsec/whohk

whohk，linux下一款强大的应急响应工具在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

Language: YARA - Size: 5.31 MB - Last synced at: 16 days ago - Pushed at: over 1 year ago - Stars: 531 - Forks: 67

Assaf-R/bervie

An eBpf security program that blocks the execution of files that were flagged as malicious by the give YARA detection rules. Named in convention with the other Scottish loch tools

Language: Python - Size: 6.84 KB - Last synced at: 15 days ago - Pushed at: 24 days ago - Stars: 0 - Forks: 0

radareorg/r2yara

yara and radare2, better together

Language: C - Size: 125 KB - Last synced at: 1 day ago - Pushed at: 25 days ago - Stars: 25 - Forks: 5

evilsocket/sauron

A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules.

Language: Rust - Size: 52.7 KB - Last synced at: 16 days ago - Pushed at: over 2 years ago - Stars: 224 - Forks: 12

m4pol/hunting-rules-repository

This repository contains a collection of threat hunting rules.

Language: YARA - Size: 80.1 KB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 1 - Forks: 0

cedricbonhomme/pyHIDS

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Language: Python - Size: 758 KB - Last synced at: 15 days ago - Pushed at: 2 months ago - Stars: 58 - Forks: 15

avast/yari

YARI is an interactive debugger for YARA Language.

Language: Rust - Size: 541 KB - Last synced at: 14 days ago - Pushed at: 3 months ago - Stars: 88 - Forks: 9

google/threat-team

IOCs from Google's Threat Analysis Group (TAG)

Language: YARA - Size: 99.6 KB - Last synced at: about 18 hours ago - Pushed at: 5 months ago - Stars: 29 - Forks: 3

deadbits/yara-rules 📦

Collection of YARA signatures from individual research

Language: YARA - Size: 191 KB - Last synced at: 20 days ago - Pushed at: over 1 year ago - Stars: 44 - Forks: 9

seanthegeek/yaramail

A Python package and command line utility for scanning emails with YARA rules

Language: Python - Size: 6.27 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 20 - Forks: 4

advanced-threat-research/Yara-Rules

Repository of YARA rules made by Trellix ATR Team

Language: YARA - Size: 381 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 579 - Forks: 80

InQuest/ThreatKB

Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

Language: JavaScript - Size: 28.7 MB - Last synced at: 21 days ago - Pushed at: 3 months ago - Stars: 100 - Forks: 17

EmersonElectricCo/fsf

File Scanning Framework

Language: Python - Size: 1.1 MB - Last synced at: 11 days ago - Pushed at: over 3 years ago - Stars: 292 - Forks: 49

spyre-project/spyre

simple YARA-based IOC scanner

Language: Go - Size: 350 KB - Last synced at: 16 days ago - Pushed at: 2 months ago - Stars: 169 - Forks: 28

pseudo-security/slacksecrets

Scans Slack for API tokens, credentials, passwords, and more using YARA rules

Language: Python - Size: 43.9 KB - Last synced at: 24 days ago - Pushed at: about 4 years ago - Stars: 39 - Forks: 5

SupportIntelligence/Icewater

16,432 Free Yara rules created by

Language: YARA - Size: 4.34 MB - Last synced at: 18 days ago - Pushed at: almost 6 years ago - Stars: 383 - Forks: 58

Infinit3i/Detection-Wizard

Pulls yara, suricata, sigma, & splunk

Language: Rust - Size: 33.2 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

nchgroup/yarazo

mass scanner yara rule

Language: Python - Size: 18.6 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

dubfib/yara

Self-made YARA rules for malware research, detection, and analysis.

Language: YARA - Size: 71.3 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

bandrel/OCyara

Performs OCR on image files and scans them for matches to YARA rules

Language: Python - Size: 221 KB - Last synced at: 11 days ago - Pushed at: over 6 years ago - Stars: 41 - Forks: 8

Hugal31/yara-rust

Rust bindings for VirusTotal/Yara

Language: Rust - Size: 713 KB - Last synced at: 18 days ago - Pushed at: about 2 months ago - Stars: 75 - Forks: 28

techplayz32/yayaras

Yet Another YARA Scanner

Language: Python - Size: 50.8 KB - Last synced at: about 1 month ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

daschr/malunpacker

ICAP service which unpacks password-protected attachments (.iso, .rar, .7z, .zip etc.) of various file types and scans them using YARA. Can be seamlessly integrated into rspamd.

Language: Rust - Size: 4.15 MB - Last synced at: 23 days ago - Pushed at: about 2 months ago - Stars: 1 - Forks: 0

roadwy/DefenderYara

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Language: YARA - Size: 78.2 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 356 - Forks: 59

c3rb3ru5d3d53c/binlex

A Binary Genetic Traits Lexer Framework

Language: Rust - Size: 17.8 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 487 - Forks: 54

hbourget/YAREX

YARA scans, easy & optimized. macOS, GNU/Linux, Windows.

Language: PowerShell - Size: 5.04 MB - Last synced at: 14 days ago - Pushed at: 2 months ago - Stars: 2 - Forks: 0

albertzsigovits/malware-yara

YARA rules for malware detection

Language: YARA - Size: 102 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 6 - Forks: 1

apophis133/apophis-YARA-Rules

Repository of yara rules and malware config extractors

Language: YARA - Size: 106 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 10 - Forks: 2

phantom0004/morpheus_IOC_scanner

Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies Indicators of Compromise with unmatched precision across diverse formats, redefining cybersecurity defense.

Language: Python - Size: 2.9 MB - Last synced at: about 21 hours ago - Pushed at: 2 months ago - Stars: 49 - Forks: 12

ail-project/ail-yara-rules

A set of YARA rules for the AIL framework to detect leak or information disclosure

Language: YARA - Size: 56.6 KB - Last synced at: about 2 months ago - Pushed at: 3 months ago - Stars: 39 - Forks: 7

RamadhanAmizudin/python-icap-yara

An ICAP Server with yara scanner for URL and content.

Language: Python - Size: 19.5 KB - Last synced at: 2 days ago - Pushed at: 4 months ago - Stars: 59 - Forks: 13

3c7/yaramanager 📦

Simple yara rule manager

Language: Python - Size: 244 KB - Last synced at: 1 day ago - Pushed at: over 2 years ago - Stars: 66 - Forks: 7

mandiant/apooxml 📦

Generate YARA rules for OOXML documents.

Language: Python - Size: 7.81 KB - Last synced at: about 1 month ago - Pushed at: almost 2 years ago - Stars: 38 - Forks: 8

c0m4r/paranoya

Simple IOC and YARA scanner for Linux®

Language: Python - Size: 38.3 MB - Last synced at: 6 days ago - Pushed at: 6 months ago - Stars: 6 - Forks: 0

mandiant/heyserial 📦

Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types

Language: YARA - Size: 56.3 MB - Last synced at: about 2 months ago - Pushed at: almost 2 years ago - Stars: 141 - Forks: 20

Related Keywords

yara 323 yara-rules 105 malware-analysis 61 malware 58 python 44 malware-detection 40 yara-scanner 39 malware-research 35 security 30 yara-signatures 27 threat-hunting 27 threat-intelligence 25 golang 19 python3 18 ioc 18 antivirus 18 yara-forensics 15 scanner 15 dfir 15 linux 14 cybersecurity 13 security-tools 13 reverse-engineering 11 incident-response 10 docker 10 sigma 10 malware-analyzer 10 go 9 hacktoberfest 9 rust 8 rules 8 infosec 8 osint 8 threatintel 8 signature 7 virustotal 7 misp 7 suricata 7 detection 7 static-analysis 6 iocs 6 windows 6 yara-manager 6 phishing 6 snort 6 yara-format 6 yara-parser 6 clamav 5 cti 5 blueteam 5 machine-learning 5 signatures 5 forensics 5 binary-analysis 5 zeek 4 bloom-filter 4 malware-protection 4 information-security 4 indicators-of-compromise 4 gplv3 4 threat-detection 4 gpl3 4 yara-x 4 syntax-highlighting 4 android 4 anti-malware 4 security-automation 4 redteam 3 javascript 3 md 3 analysis 3 txt 3 flask 3 vscode 3 yara-language 3 cuckoo 3 cpp 3 yara-lang 3 csharp 3 phishing-detection 3 automation 3 network-analysis 3 leakix 3 virus-scanning 3 ghidra 3 radare2 3 threathunting 3 malware-scanner 3 yara-ruleset 3 ransomware-detection 3 macos 3 hash 3 threat-hunting-via-yara-rules 3 edr 2 base64 2 pattern-matching 2 deep-learning 2 multiprocessing 2 pefile 2 backdoors 2