GitHub topics: yara

Repositories

AzzOnFire/yarka

IDA plugin for YARA signature creation

Language: Python - Size: 505 KB - Last synced at: about 8 hours ago - Pushed at: about 10 hours ago - Stars: 12 - Forks: 2

eset/malware-ioc

Indicators of Compromises (IOC) of our various investigations

Language: YARA - Size: 1.84 MB - Last synced at: about 17 hours ago - Pushed at: about 19 hours ago - Stars: 1,821 - Forks: 275

horsicq/YARA-sort

Yara sort

Language: YARA - Size: 1.01 MB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 13 - Forks: 6

paolokappa/yara4wazuh

Comprehensive malware detection and response system that integrates YARA scanning capabilities with Wazuh SIEM.

Language: Shell - Size: 79.1 KB - Last synced at: 1 day ago - Pushed at: 1 day ago - Stars: 0 - Forks: 0

dennislee928/firmware-research-demo

本專案展示了韌體分析方面的實作探索，主要關注於： - 🧩 `binwalk` `hexdump` 進行韌體解包 🧠 `Ghidra` 進行靜態字串和模式分析 🧪 使用 `YARA` 進行規則檢測 🐳 Docker 容器化與自動化分析流程

Language: Shell - Size: 465 KB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 2 - Forks: 0

XiAnzheng-ID/RansomPyShield-Antiransomware

RansomPyShield is a Tool to detect and stop Ransomware with Honeypot, Yara Rules, Machine Learning, and other stuff using Python

Language: Python - Size: 26.9 MB - Last synced at: 2 days ago - Pushed at: 2 days ago - Stars: 2 - Forks: 0

horsicq/DIE-engine

DIE engine

Language: C++ - Size: 61.6 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 2,772 - Forks: 357

XiAnzheng-ID/Yara-Rules

Heuristic Yara Rule (DO NOT USE THIS AS A SIGNATURE BASE IT CAN CREATE MANY FP)

Language: YARA - Size: 11.7 KB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 0 - Forks: 0

WerWolv/ImHex-Patterns

Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor

Language: Rust - Size: 26.1 MB - Last synced at: 3 days ago - Pushed at: 3 days ago - Stars: 842 - Forks: 240

SanjuCyb3r/ms16iexec-malware-analysis

Graduate malware analysis of ms16iexec.exe with static/dynamic/RE, ProcMon logs, YARA, and reproducible lab notes.

Language: YARA - Size: 153 KB - Last synced at: 3 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

IsLuana-star/Project-Aura

🤖 Explore AURA: a pioneering open-source framework aimed at building Artificial Sentience through innovative architecture and emergent systems design.

Language: Python - Size: 26.4 KB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 0 - Forks: 0

InQuest/iocextract

Defanged Indicator of Compromise (IOC) Extractor.

Language: Python - Size: 777 KB - Last synced at: 1 day ago - Pushed at: about 1 year ago - Stars: 545 - Forks: 93

Neo23x0/Loki

Loki - Simple IOC and YARA Scanner

Language: Python - Size: 68 MB - Last synced at: 4 days ago - Pushed at: 18 days ago - Stars: 3,636 - Forks: 608

Neo23x0/yarGen

yarGen is a generator for YARA rules

Language: Python - Size: 1.16 MB - Last synced at: 4 days ago - Pushed at: 5 months ago - Stars: 1,696 - Forks: 299

VirusTotal/yara

The pattern matching swiss knife

Language: C - Size: 22.9 MB - Last synced at: 5 days ago - Pushed at: 29 days ago - Stars: 9,029 - Forks: 1,517

GokbakarE/RuleSetRAT

A curated collection of YARA rules and structured JSON reports designed to identify and analyze various malware builder variants, for educational and research purposes only.

Language: YARA - Size: 7.59 MB - Last synced at: 4 days ago - Pushed at: 4 days ago - Stars: 17 - Forks: 0

Neo23x0/signature-base

YARA signature and IOC database for my scanners and tools

Language: YARA - Size: 39.4 MB - Last synced at: 4 days ago - Pushed at: 6 days ago - Stars: 2,727 - Forks: 644

TrustSource/ts-scan

One scanner integrating several capabilities across different environments

Language: Python - Size: 1.4 MB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 3 - Forks: 3

87owo/PYAS

Antivirus software written in Python and C that blocks threats through deep learning and behavioral monitoring!

Language: Python - Size: 1.24 GB - Last synced at: 7 days ago - Pushed at: 7 days ago - Stars: 190 - Forks: 30

EgeBalci/deoptimizer

Evasion by machine code de-optimization.

Language: Rust - Size: 3.69 MB - Last synced at: 4 days ago - Pushed at: about 1 year ago - Stars: 398 - Forks: 26

airbnb/binaryalert

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Language: Python - Size: 38 MB - Last synced at: 7 days ago - Pushed at: over 1 year ago - Stars: 1,432 - Forks: 182

rednaga/APKiD

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

Language: YARA - Size: 9.87 MB - Last synced at: 9 days ago - Pushed at: 3 months ago - Stars: 2,299 - Forks: 315

CIRCL/yara-validator

Validates yara rules and tries to repair the broken ones.

Language: Python - Size: 29.3 KB - Last synced at: 7 days ago - Pushed at: almost 5 years ago - Stars: 40 - Forks: 7

CIRCL/volatility-misp

Volatility plugin to interface with MISP

Language: Python - Size: 27.3 KB - Last synced at: 7 days ago - Pushed at: about 8 years ago - Stars: 11 - Forks: 0

Raspirus/raspirus

A user- and resources-friendly rules-based malware scanner

Language: Rust - Size: 21.7 MB - Last synced at: 6 days ago - Pushed at: 20 days ago - Stars: 202 - Forks: 11

target/strelka

Real-time, container-based file scanning at enterprise scale

Language: Python - Size: 29.4 MB - Last synced at: 7 days ago - Pushed at: about 1 month ago - Stars: 942 - Forks: 124

google/threat-team

IOCs from Google Threat Intelligence

Language: YARA - Size: 111 KB - Last synced at: 2 days ago - Pushed at: 3 months ago - Stars: 33 - Forks: 4

Neo23x0/yaraQA

YARA rule analyzer to improve rule quality and performance

Language: Python - Size: 8.11 MB - Last synced at: 4 days ago - Pushed at: 5 months ago - Stars: 103 - Forks: 6

Lasara26/Attack-Detection-with-Machine-Learning

This project focuses on detecting cyber attacks using machine learning techniques. It employs various algorithms to analyze network traffic and identify potential threats in real-time.

Language: Python - Size: 2.37 MB - Last synced at: 16 days ago - Pushed at: 16 days ago - Stars: 0 - Forks: 0

m4pol/hunting-rules-repository

This repository contains a collection of threat hunting rules.

Language: YARA - Size: 90.8 KB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 1 - Forks: 0

DelloBatista/loki

🐙 Loki AI is an enterprise-scale autonomous AI with self-modifying agents, cognitive capabilities, and consciousness-like behavior, built for production-grade deployments and research

Language: Rust - Size: 19.2 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 0 - Forks: 0

vthib/boreal

Safe and performant YARA rules evaluator in Rust

Language: Rust - Size: 5.32 MB - Last synced at: 17 days ago - Pushed at: 17 days ago - Stars: 66 - Forks: 4

radareorg/r2yara

yara and radare2, better together

Language: C - Size: 184 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 26 - Forks: 5

elceef/yara-rulz

Collection of generic YARA rules

Language: YARA - Size: 27.3 KB - Last synced at: 18 days ago - Pushed at: 18 days ago - Stars: 16 - Forks: 2

InQuest/awesome-yara

A curated list of awesome YARA rules, tools, and people.

Size: 282 KB - Last synced at: 18 days ago - Pushed at: 5 months ago - Stars: 3,929 - Forks: 527

VirusTotal/yara-python

The Python interface for YARA

Language: C - Size: 321 KB - Last synced at: 14 days ago - Pushed at: 3 months ago - Stars: 701 - Forks: 188

Neo23x0/Loki2

LOKI2 - Simple IOC and YARA Scanner

Language: Rust - Size: 2.1 MB - Last synced at: 4 days ago - Pushed at: 2 months ago - Stars: 102 - Forks: 14

c3rb3ru5d3d53c/binlex

A Binary Genetic Traits Lexer Framework

Language: Rust - Size: 18.1 MB - Last synced at: 22 days ago - Pushed at: 22 days ago - Stars: 501 - Forks: 56

jtpox/Yara-X-Sharp

A simple wrapper for Yara-X pattern matching on .NET.

Language: C# - Size: 57.6 KB - Last synced at: 19 days ago - Pushed at: 19 days ago - Stars: 1 - Forks: 0

sorarthur/Veritas

A user-friendly Digital Forensics Tool built with Python and Tkinter for static malware analysis, metadata extraction, and YARA scanning.

Language: YARA - Size: 10.2 MB - Last synced at: 23 days ago - Pushed at: 23 days ago - Stars: 0 - Forks: 0

keysas-fr/keysas

USB virus cleaning station/gateway

Language: Rust - Size: 9.6 MB - Last synced at: 6 days ago - Pushed at: 29 days ago - Stars: 55 - Forks: 4

roadwy/DefenderYara

Extracted Yara rules from Windows Defender mpavbase and mpasbase

Language: YARA - Size: 78 MB - Last synced at: 25 days ago - Pushed at: 25 days ago - Stars: 447 - Forks: 70

kidrek/secubian

SECUBIAN is a French Linux distribution focused on evidence processing during Incident Response.

Language: Python - Size: 48.2 MB - Last synced at: 26 days ago - Pushed at: 26 days ago - Stars: 5 - Forks: 3

Infinit3i/Detection-Wizard

Pulls yara, suricata, sigma, & splunk

Language: Rust - Size: 308 KB - Last synced at: 28 days ago - Pushed at: 28 days ago - Stars: 3 - Forks: 0

hillu/go-yara

Go bindings for YARA

Language: Go - Size: 289 KB - Last synced at: 22 days ago - Pushed at: 2 months ago - Stars: 377 - Forks: 111

jvoisin/php-malware-finder 📦

Detect potentially malicious PHP files

Language: PHP - Size: 3.58 MB - Last synced at: 4 days ago - Pushed at: almost 2 years ago - Stars: 1,478 - Forks: 283

cybersecurity-dev/awesome-yara

Awesome YARA

Size: 23.4 KB - Last synced at: 8 days ago - Pushed at: about 1 month ago - Stars: 1 - Forks: 0

RamadhanAmizudin/python-icap-yara

An ICAP Server with yara scanner for URL and content.

Language: Python - Size: 19.5 KB - Last synced at: 4 days ago - Pushed at: 9 months ago - Stars: 58 - Forks: 13

F5-Labs/SparkRAT-YARA-rules

Size: 4.88 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 0

spyre-project/spyre

simple YARA-based IOC scanner

Language: Go - Size: 344 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 169 - Forks: 28

michelcrypt4d4mus/yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.

Language: Python - Size: 13.5 MB - Last synced at: about 1 month ago - Pushed at: 2 months ago - Stars: 133 - Forks: 14

YaraMan is a standalone web application for managing YARA rules and scanning files for malware detection. It provides an intuitive web interface with dedicated pages for file scanning and YARA rule management, featuring comprehensive threat detection results and advanced rule compilation support.

Language: HTML - Size: 73.2 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 0 - Forks: 1

bartblaze/Yara-rules

Collection of private Yara rules.

Language: YARA - Size: 270 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 363 - Forks: 56

stellarbear/YaraSharp

C# wrapper around the Yara pattern matching library

Language: C - Size: 23.8 MB - Last synced at: about 1 month ago - Pushed at: over 3 years ago - Stars: 42 - Forks: 9

uvasoftware/yara-language-nsfw

Lists of not-suitable-for-work words as YARA rules

Language: YARA - Size: 77.1 KB - Last synced at: 7 days ago - Pushed at: 4 months ago - Stars: 29 - Forks: 6

ThreatLabz/iocs

This repository is for Indicators of Compromise (IOCs) from Zscaler ThreatLabz public reports

Language: YARA - Size: 251 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 73 - Forks: 13

CybercentreCanada/assemblyline-service-yara

Assemblyline 4 Yara signature and Post tag processing services

Language: Python - Size: 427 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 5 - Forks: 6

CERT-Polska/karton-yaramatcher

File and analysis artifacts yara matcher for Karton framework

Language: Python - Size: 563 KB - Last synced at: 8 days ago - Pushed at: about 2 months ago - Stars: 6 - Forks: 9

jbvillegas/_RanDT

A comprehensive, ransomware detection system using YARA rules for monitoring and analyzing files on macOS systems. RanDT provides enterprise-grade security monitoring for Documents, Desktop, and Downloads folders.

Language: YARA - Size: 69.3 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

kenayVaz/Yara-X-Sharp

A simple C# wrapper for Yara-X, utilizing the Yara-X C/C++ API. Easily compile and scan rules for malware detection. 🐙🔍

Language: C# - Size: 15.6 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 0 - Forks: 0

Raspirus/yara-rules

A collection of YARA rules for Raspirus

Language: YARA - Size: 5.66 MB - Last synced at: 6 days ago - Pushed at: 3 months ago - Stars: 4 - Forks: 0

wgpsec/whohk

whohk，linux下一款强大的应急响应工具在linux下的应急响应往往需要通过繁琐的命令行来查看各个点的情况，有的时候还需要做一些格式处理，这对于linux下命令不是很熟悉的人比较不友好。本工具将linux下应急响应中常用的一些操作给集合了起来，并处理成了较为友好的格式，只需要通过一个参数就能代替繁琐复杂的命令来实现对各个点的检查。

Language: YARA - Size: 5.31 MB - Last synced at: about 2 months ago - Pushed at: over 1 year ago - Stars: 558 - Forks: 69

Stellar9113/blist

Blist is a web-based file storage program that simplifies managing your files online. Join our community on Telegram and explore the installation guide to get started! 🌟🐙

Language: Vue - Size: 541 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

cedricbonhomme/pyHIDS

A HIDS (host-based intrusion detection system) for verifying the integrity of a system.

Language: Python - Size: 849 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 59 - Forks: 14

kh4sh3i/THOR-Forensics-Toolkit

THOR Lite is a free, signature-based incident response scanner using YARA, Sigma, and known IOCs to detect threats and anomalies on Windows, Linux, and macOS systems.

Size: 98.6 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 0 - Forks: 0

InQuest/ThreatIngestor

Extract and aggregate threat intelligence.

Language: Python - Size: 1.65 MB - Last synced at: 2 months ago - Pushed at: over 1 year ago - Stars: 872 - Forks: 137

cod3nym/detection-rules

Collection of my own detection rules

Language: YARA - Size: 51.8 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 20 - Forks: 2

reversinglabs/reversinglabs-yara-rules

ReversingLabs YARA Rules

Language: YARA - Size: 572 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 825 - Forks: 110

5kidRo0t/VenomStrike

VenomStrike: A lightweight, blazing-fast malware scanner that identifies known threats via SHA-256, MD5 hashes and YARA rules. Confirms if a file is a known malware sample. No bloat — just raw speed, simplicity, and full portability.

Language: YARA - Size: 99.6 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 1 - Forks: 0

dobin/defender2yara Fork of t-tani/defender2yara

Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB

Language: Python - Size: 8.6 MB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 8 - Forks: 1

Hugal31/yara-rust

Rust bindings for VirusTotal/Yara

Language: Rust - Size: 713 KB - Last synced at: 20 days ago - Pushed at: 6 months ago - Stars: 78 - Forks: 28

pressidium/pressidium-yara-rules

Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.

Language: YARA - Size: 58.6 KB - Last synced at: 4 days ago - Pushed at: almost 2 years ago - Stars: 14 - Forks: 0

a-sarja/Revisor

Revisor is a multi-AV file analyzer used to determine whether a file is malicious or not. It is integrated with Virus Total and ClamAV. It also provides crowd sourced Yara rules to identify the malware file.

Language: Python - Size: 1.19 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 29 - Forks: 19