Ecosyste.ms: Repos
An open API service providing repository metadata for many open source software ecosystems.
GitHub topics: yara
YARA-Silly-Silly/yarasilly2
Automatic generation of YARA rules from sample files.
Language: Python - Size: 317 KB - Last synced: 19 days ago - Pushed: 19 days ago - Stars: 26 - Forks: 3
V1D1AN/S1EM
This project is a SIEM with SIRP and Threat Intel, all in one.
Language: Shell - Size: 10.7 MB - Last synced: 3 months ago - Pushed: 4 months ago - Stars: 382 - Forks: 72
nyx0/YaraSyntax
YARA package for Sublime Text
Language: YARA - Size: 108 KB - Last synced: 5 days ago - Pushed: over 1 year ago - Stars: 19 - Forks: 9
SupportIntelligence/Icewater
16,432 Free Yara rules created by
Language: YARA - Size: 4.34 MB - Last synced: about 2 months ago - Pushed: almost 5 years ago - Stars: 379 - Forks: 61
PUNCH-Cyber/YaraGuardian
Django web interface for managing Yara rules
Language: Python - Size: 831 KB - Last synced: about 1 month ago - Pushed: almost 6 years ago - Stars: 187 - Forks: 43
aleprada/my_yara_rules
A repository with the yara rules that I've been using for improving my yara skills and hunting malware.
Language: YARA - Size: 15.6 KB - Last synced: 3 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 0
seanpm2001/AI2001_Category-Source_Code-SC-YARA
🧠️🖥️2️⃣️0️⃣️0️⃣️1️⃣️💾️📜️ The sourceCode:YARA category for AI2001, containing YARA programming language datasets
Language: R - Size: 2.46 MB - Last synced: 25 days ago - Pushed: 5 months ago - Stars: 2 - Forks: 1
wgpsec/whohk
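whohk, a powerful incident response tool for Linux. Incident response on Linux often means checking each point through tedious command lines, and sometimes also doing some format processing, which is unfriendly to people who are not very familiar with Linux commands. This tool gathers some of the operations commonly used in Linux incident response and presents their output in a friendlier format, so a single parameter replaces tedious, complex commands for checking each point.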
Language: YARA - Size: 5.31 MB - Last synced: 3 months ago - Pushed: 4 months ago - Stars: 418 - Forks: 69
ysrc/shelldaddy
Cross-platform static webshell scanner
Size: 2.93 KB - Last synced: 3 months ago - Pushed: over 6 years ago - Stars: 34 - Forks: 15
uvasoftware/yara-language-nsfw
Lists of not-suitable-for-work words as YARA rules
Language: YARA - Size: 86.9 KB - Last synced: about 1 month ago - Pushed: 7 months ago - Stars: 25 - Forks: 5
CERT-Bund/yara-exporter 📦
Exporting MISP event attributes to yara rules usable with Thor apt scanner
Language: Python - Size: 14.6 KB - Last synced: 3 months ago - Pushed: about 7 years ago - Stars: 22 - Forks: 9
Neo23x0/yarGen
yarGen is a generator for YARA rules
Language: Python - Size: 1.27 MB - Last synced: 3 months ago - Pushed: 5 months ago - Stars: 1,414 - Forks: 278
CERT-Polska/karton-yaramatcher
File and analysis artifacts yara matcher for Karton framework
Language: Python - Size: 565 KB - Last synced: 3 months ago - Pushed: 10 months ago - Stars: 5 - Forks: 9
codeyourweb/vt-rulesets-exporter
Export livehunt rulesets and rules from your VirusTotal account to your local filesystem
Language: Go - Size: 4.88 KB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 1 - Forks: 0
mohamedbenchikh/MDML
Malware Detection using Machine Learning (MDML)
Language: Python - Size: 2.38 MB - Last synced: 3 months ago - Pushed: over 1 year ago - Stars: 40 - Forks: 7
c0m4r/paranoya
Simple IOC and YARA scanner for Linux®
Language: Python - Size: 38.5 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 2 - Forks: 0
sk4la/plast
Modular command-line threat hunting tool & framework.
Language: Python - Size: 1.04 MB - Last synced: about 1 month ago - Pushed: almost 4 years ago - Stars: 16 - Forks: 4
corumir/Groom-Porter
Simple script to do some quality control and pull metrics from YARA files.
Language: Python - Size: 10.7 KB - Last synced: 21 days ago - Pushed: over 6 years ago - Stars: 4 - Forks: 2
stairwell-inc/threat-research
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
Language: YARA - Size: 222 KB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 17 - Forks: 4
rjzak/decompressingyara
For running Yara rules on malware samples stored in compressed files.
Language: Go - Size: 9.77 KB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 6 - Forks: 1
mez-0/YaraEngine
A C++ Yara Rule Runner
Language: C++ - Size: 75.2 KB - Last synced: 4 months ago - Pushed: about 2 years ago - Stars: 11 - Forks: 4
Onils/yara-linux-malware
Detect Linux malicious files with Yara.
Language: YARA - Size: 3.91 KB - Last synced: 4 months ago - Pushed: about 3 years ago - Stars: 3 - Forks: 1
cod3nym/detection-rules
Collection of my own detection rules
Language: YARA - Size: 50.8 KB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 10 - Forks: 2
fkie-cad/yapscan
Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
Language: Go - Size: 656 KB - Last synced: about 1 month ago - Pushed: 10 months ago - Stars: 49 - Forks: 13
hashlookup/a-ray-grass
a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly discarding known files "pour séparer le grain de l'ivraie"
Language: C - Size: 45.9 KB - Last synced: about 1 month ago - Pushed: almost 2 years ago - Stars: 11 - Forks: 0
fxb-cocacoding/java2yara
A minimal library to generate YARA rules from JAVA
Language: Java - Size: 237 KB - Last synced: about 1 month ago - Pushed: about 2 years ago - Stars: 2 - Forks: 0
YARA-Java/YARA-Java
Java bindings for the YARA C API
Language: Java - Size: 394 KB - Last synced: 4 months ago - Pushed: 4 months ago - Stars: 0 - Forks: 0
fr0gger/Yara-Unprotect
This repository regroups the Yara Rules for the Unprotect Project
Language: YARA - Size: 201 KB - Last synced: about 2 months ago - Pushed: over 3 years ago - Stars: 25 - Forks: 10
w8mej/neurostorm_hub
This is your guide to the AI Tier 1/2/3 SOC, your grimoire of spells and wards against the digital nasties.
Language: Jupyter Notebook - Size: 12.1 MB - Last synced: 3 months ago - Pushed: 3 months ago - Stars: 0 - Forks: 0
erdemkm/zeekYaraScanner
Scan extracted file from Zeek with Yara rules and get statistical analysis for matching files. Optionally, simulate matching malicious files with Picus.
Language: Python - Size: 32.2 KB - Last synced: 5 months ago - Pushed: 5 months ago - Stars: 12 - Forks: 0
meese-enterprises/yara-rules
Yara rules for detecting interesting or malicious network traffic.
Language: YARA - Size: 9.77 KB - Last synced: about 1 month ago - Pushed: 6 months ago - Stars: 1 - Forks: 0
0xN3utr0n/Kanis
Advanced threat detection solution for Linux.
Language: Go - Size: 151 KB - Last synced: 3 months ago - Pushed: over 3 years ago - Stars: 33 - Forks: 4
karust/regexcmp
A tool to compare different regexp libraries in Go
Language: Go - Size: 20.5 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 1 - Forks: 0
abhinavbom/clara
Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
Language: Python - Size: 8.29 MB - Last synced: about 1 month ago - Pushed: 3 months ago - Stars: 30 - Forks: 4
Neo23x0/yaraQA
YARA rule analyzer to improve rule quality and performance
Language: Python - Size: 8.15 MB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 92 - Forks: 4
bnbdr/swisscheese
Exploits for YARA 3.7.1 & 3.8.1
Language: Python - Size: 1.8 MB - Last synced: 4 months ago - Pushed: over 5 years ago - Stars: 29 - Forks: 4
TcM1911/zig2yar
Use Radare2's zignatures to generate Yara signatures
Language: Go - Size: 744 KB - Last synced: 2 months ago - Pushed: over 3 years ago - Stars: 4 - Forks: 3
thewhiteninja/yarasploit
YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Language: YARA - Size: 430 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 41 - Forks: 6
saferwall/yara-rules
Saferwall Yara Rules
Language: YARA - Size: 22.5 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 4 - Forks: 0
mandiant/thiri-notebook 📦
The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat hunting rules.
Language: Python - Size: 28.3 KB - Last synced: 7 months ago - Pushed: about 2 years ago - Stars: 147 - Forks: 15
threatcode/YARA
The pattern matching swiss knife
Language: C - Size: 3.71 MB - Last synced: about 1 month ago - Pushed: 8 months ago - Stars: 1 - Forks: 0
CERT-Polska/ursadb
Trigram database written in C++, suited for malware indexing
Language: C++ - Size: 6.27 MB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 107 - Forks: 24
nccgroup/yaml2yara
Generate bulk YARA rules from YAML input
Language: HTML - Size: 38.1 KB - Last synced: 14 days ago - Pushed: over 4 years ago - Stars: 19 - Forks: 4
LeakIX/YaraStream
Yara io scanning library for Golang
Language: Go - Size: 30.3 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 1 - Forks: 0
Krkn-Sec/YARA-Rules
Various YARA rules I've created.
Language: YARA - Size: 30.3 KB - Last synced: 7 months ago - Pushed: over 1 year ago - Stars: 2 - Forks: 1
wrayjustin/yaids
YAIDS - Yara-Based IDS - Yara as an Intrusion Detection System / Yet Another Intrusion Detection System - An Intrusion Detection System (IDS) utilizing Yara and multi-threading
Language: C - Size: 952 KB - Last synced: about 2 months ago - Pushed: over 1 year ago - Stars: 20 - Forks: 6
imp0rtp3/yara-rules
Yara rules written by me, for free use.
Language: YARA - Size: 30.3 KB - Last synced: about 2 months ago - Pushed: over 2 years ago - Stars: 18 - Forks: 3
Yara-Rules/r2yara 📦
r2yara - Module for Yara using radare2 information
Language: C - Size: 75.9 MB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 33 - Forks: 10
imp0rtp3/js-yara-rules
Yara rules for malicious javascript files from public repositories or written by me.
Language: YARA - Size: 69.3 KB - Last synced: 5 months ago - Pushed: over 2 years ago - Stars: 9 - Forks: 2
LeakIX/yara-repo-misc
Yara rules gathered from misc places
Language: YARA - Size: 9.77 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0
mandiant/heyserial
Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, and rule types
Language: YARA - Size: 56.3 MB - Last synced: 7 months ago - Pushed: 12 months ago - Stars: 130 - Forks: 21
3c7/yaramanager 📦
Simple yara rule manager
Language: Python - Size: 244 KB - Last synced: 26 days ago - Pushed: over 1 year ago - Stars: 64 - Forks: 10
DissectMalware/npp-langs-4-sec
Notepad++ Syntax Highlighting for Languages Used by Cyber Security Professionals
Size: 309 KB - Last synced: 21 days ago - Pushed: almost 4 years ago - Stars: 15 - Forks: 3
DissectMalware/base64_substring
Generate a Yara rule to find base64-encoded files containing a specific keyword
Language: Python - Size: 11.7 KB - Last synced: 21 days ago - Pushed: almost 6 years ago - Stars: 40 - Forks: 3
PUNCH-Cyber/stoq-plugins-public
stoQ Public Plugins
Language: Python - Size: 10.4 MB - Last synced: about 1 month ago - Pushed: about 1 year ago - Stars: 72 - Forks: 24
Loginsoft-Research/Linux-Exploit-Detection
Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma
Language: Open Policy Agent - Size: 67.4 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 16 - Forks: 1
hashlookup/fleur
Fleur implements a Bloom Filter library in C that is fully compatible with DCSO's Go and python implementations.
Language: C - Size: 468 KB - Last synced: 7 months ago - Pushed: about 1 year ago - Stars: 116 - Forks: 7
RachidAZ/ELTE_Scanner
suspicious files detector
Language: C# - Size: 604 KB - Last synced: 8 months ago - Pushed: about 4 years ago - Stars: 2 - Forks: 2
NextSecurity/YaraGuardian Fork of PUNCH-Cyber/YaraGuardian
Django web interface for managing Yara rules
Language: Python - Size: 760 KB - Last synced: 8 months ago - Pushed: over 6 years ago - Stars: 0 - Forks: 0
bnbdr/ida-yara-processor
IDA Processor for Compiled YARA Rules
Language: Python - Size: 78.1 KB - Last synced: about 1 month ago - Pushed: over 5 years ago - Stars: 26 - Forks: 4
tatsuiman/rpot2
Real-time Packet Observation Tool
Language: Bro - Size: 145 MB - Last synced: about 2 months ago - Pushed: 8 months ago - Stars: 40 - Forks: 6
lubiedo/threatintel
threat intel and related randomness
Language: PHP - Size: 64.5 KB - Last synced: 8 months ago - Pushed: 8 months ago - Stars: 4 - Forks: 0
mpodolsk/boreal_py
python module for using boreal rust lib that implements YARA
Language: Rust - Size: 45.9 KB - Last synced: 7 months ago - Pushed: 7 months ago - Stars: 0 - Forks: 0
strfx/clava
clava 🔍: Generate Code-Based Yara Rules using Machine Learning.
Language: Python - Size: 470 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 4 - Forks: 0
nbareil/yara-dedup
Dedup yara rules based on their rule identifier
Language: Go - Size: 5.86 KB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 0 - Forks: 0
Northern-Lights/yara-parser
Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Language: Go - Size: 370 KB - Last synced: about 1 month ago - Pushed: over 1 year ago - Stars: 79 - Forks: 9
ninoseki/uzen
Website crawler with YARA detection
Language: Python - Size: 6.51 MB - Last synced: 9 months ago - Pushed: 9 months ago - Stars: 88 - Forks: 10
seanthegeek/yaramail
A Python package and command line utility for scanning emails with YARA rules
Language: Python - Size: 3.71 MB - Last synced: 21 days ago - Pushed: 5 months ago - Stars: 18 - Forks: 4
boz3r/boyo
The collection of YARA rules to perform botnets threat hunting.
Language: YARA - Size: 18.6 KB - Last synced: 6 months ago - Pushed: 6 months ago - Stars: 0 - Forks: 0
pjsacchet/Yara-Malware-Signature-Detection Fork of f19-cs466/project-patrick-javon-malwaresig
Malware Signature Project implemented using YARA
Language: Python - Size: 3.79 MB - Last synced: 9 months ago - Pushed: over 4 years ago - Stars: 1 - Forks: 0
BitsOfBinary/yarabuilder
Python 3 library to build YARA rules.
Language: Python - Size: 172 KB - Last synced: 27 days ago - Pushed: over 2 years ago - Stars: 12 - Forks: 2
torsm/conan-yara
conan.io recipe for the yara library
Language: CMake - Size: 2.93 KB - Last synced: 9 months ago - Pushed: over 3 years ago - Stars: 0 - Forks: 0
ManuelBerrueta/YARA-rules
Yara rules
Language: YARA - Size: 5.86 KB - Last synced: 10 months ago - Pushed: over 2 years ago - Stars: 1 - Forks: 0
3c7/yara-rules
Some shared yara rules
Language: YARA - Size: 15.6 KB - Last synced: 10 months ago - Pushed: about 2 years ago - Stars: 0 - Forks: 0
nblog/x64dbg-yaraScan
x64dbg-plugin Yara
Language: YARA - Size: 67.4 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 5 - Forks: 3
qSharpy/threatnav
Cyber threat detection and analysis platform
Language: Shell - Size: 12.8 MB - Last synced: 10 months ago - Pushed: over 3 years ago - Stars: 2 - Forks: 1
mandiant/apooxml
Generate YARA rules for OOXML documents.
Language: Python - Size: 7.81 KB - Last synced: 9 months ago - Pushed: 12 months ago - Stars: 36 - Forks: 8
BitsOfBinary/yaraparser
Python 3 tool to parse Yara rules (extension of yarabuilder)
Language: Python - Size: 10.7 KB - Last synced: about 1 month ago - Pushed: almost 4 years ago - Stars: 7 - Forks: 2
jaegeral/yara-forensics-rules
A collection of yara rules that can be used for forensics (non malware) cases but also some other rules
Language: YARA - Size: 35.2 KB - Last synced: 10 months ago - Pushed: over 1 year ago - Stars: 2 - Forks: 0
jlamk/yarge
yarge Editor is a powerful, cross-platform, free, and open-source tool designed specifically for editing YARA rules.
Language: C++ - Size: 409 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0
tcakmak0/yara-scan-api
The YARA-Scanner application is a web-based tool that allows you to scan uploaded files against YARA rules to detect specific patterns or signatures in the files.
Language: Python - Size: 24.4 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 0 - Forks: 0
fdx0/oryx
Oryx is a task queuing system with asynchronous multiprocessing for managing Yara scans.
Language: YARA - Size: 180 KB - Last synced: 10 months ago - Pushed: almost 3 years ago - Stars: 0 - Forks: 0
selsocono/simple-yara
simple-yara scanner for all architectures and all versions of Windows OS
Language: Dockerfile - Size: 9.77 KB - Last synced: 10 months ago - Pushed: 10 months ago - Stars: 1 - Forks: 0
nbareil/yaraparser-go
scanning and parsing yara files just for fun, ⚠️ NOT (intended to be) FINISHED!
Language: Go - Size: 12.7 KB - Last synced: 11 months ago - Pushed: about 6 years ago - Stars: 1 - Forks: 0
CyberDefenses/CDI_yara
A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.
Size: 2.93 KB - Last synced: about 1 month ago - Pushed: 9 months ago - Stars: 17 - Forks: 4
Quentin-M/vautour
A distributed & extensible web hunter
Language: Go - Size: 1.58 MB - Last synced: 11 months ago - Pushed: over 4 years ago - Stars: 9 - Forks: 1
sathishshan/S_Yara-ruleset
S_yara-ruleset is based on Web Malwares (Open Source)
Size: 89.8 KB - Last synced: 2 months ago - Pushed: over 4 years ago - Stars: 1 - Forks: 0
zinderic/mkyar
Simple tool to automatically create Yara rules that map a binary file
Language: Go - Size: 25.4 KB - Last synced: 9 months ago - Pushed: 10 months ago - Stars: 1 - Forks: 0
nogoodconfig/pyarascanner
A simple many-rules to many-files YARA scanner for incident response or malware zoos.
Language: Python - Size: 39.1 KB - Last synced: about 1 month ago - Pushed: almost 6 years ago - Stars: 25 - Forks: 4
fox-it/operation-wocao
Operation Wocao - Indicators of Compromise
Language: YARA - Size: 5.86 KB - Last synced: 10 months ago - Pushed: over 4 years ago - Stars: 30 - Forks: 7
PimmyTrousers/malpedia_cli
Commandline utility to interact with the Malpedia service
Language: Go - Size: 8.46 MB - Last synced: 11 months ago - Pushed: over 4 years ago - Stars: 18 - Forks: 3
masq/masq.github.io
www.spencerwalden.net. Spencer Walden's Infosec blog
Language: Shell - Size: 1.62 MB - Last synced: 2 months ago - Pushed: over 1 year ago - Stars: 1 - Forks: 1
blacktop/docker-yara 📦
Yara Dockerfile
Language: YARA - Size: 1.03 MB - Last synced: 10 months ago - Pushed: over 1 year ago - Stars: 47 - Forks: 14
elceef/yara-rulz
Collection of generic YARA rules
Language: YARA - Size: 20.5 KB - Last synced: 12 months ago - Pushed: 12 months ago - Stars: 10 - Forks: 0
alt3kx/wafaray
Enhance your malware detection with WAF + YARA (WAFARAY)
Language: Shell - Size: 1.41 MB - Last synced: about 1 year ago - Pushed: over 1 year ago - Stars: 80 - Forks: 10
darsh12/ansible-yara
Ansible role - Build and install yara from source
Size: 28.3 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 1 - Forks: 0
coraltk/pkt
stateless firewall with yara like rules in python
Language: Python - Size: 356 KB - Last synced: about 1 year ago - Pushed: almost 2 years ago - Stars: 1 - Forks: 0
OfekRv/YARApi
Language: Python - Size: 71.3 KB - Last synced: about 1 year ago - Pushed: about 1 year ago - Stars: 0 - Forks: 0
seanpm2001/Learn-YARA
A repository for showcasing my knowledge of the YARA programming language, and continuing to learn the language.
Language: YARA - Size: 341 KB - Last synced: 25 days ago - Pushed: over 1 year ago - Stars: 2 - Forks: 1
umair9747/yara-rules
This repository contains a list of known YARA rules which researchers can use according to their needs. The repository is open source and can be used by the end users as long as they follow the GNU GENERAL PUBLIC LICENSE V3.
Language: YARA - Size: 121 KB - Last synced: 12 months ago - Pushed: over 1 year ago - Stars: 6 - Forks: 6