100DaysofYARA / 2025
Rules shared by the community from 100 Days of YARA 2025
☆32Updated 3 months ago
Alternatives and similar repositories for 2025:
Users that are interested in 2025 are comparing it to the libraries listed below
- Repository that contains a set of purposefully erroneous Yara rules.☆51Updated last year
- Suzaku (朱雀) is a sigma-based threat hunting and fast forensics timeline generator for cloud logs.☆62Updated this week
- FJTA (Forensic Journal Timeline Analyzer) is a tool that analyzes Linux filesystem (EXT4, XFS) journals (not systemd-journald), generates…☆63Updated 3 weeks ago
- Convert Sigma rules to SIEM queries, directly in your browser.☆74Updated this week
- Baseline a Windows System against LOLBAS☆26Updated last year
- ☆87Updated 2 months ago
- A pySigma wrapper and langchain toolkit for automatic rule creation/translation☆78Updated 2 weeks ago
- A repository to share publicly available Velociraptor detection content☆156Updated this week
- A preconfigured Velociraptor triage collector☆51Updated this week
- Repository documenting how Threat Intelligence and / or a Threat Intelligence Platform can prove its value to an organisation.☆51Updated 6 months ago
- NOVA: The Prompt Pattern Matching☆60Updated last week
- The core backend server handling API requests and task management☆38Updated 2 weeks ago
- Summiting the Pyramid is a research project focused on engineering cyber analytics to make adversary evasion more difficult. The research…☆37Updated last month
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N…☆28Updated this week
- Tools and scripts to deploy and manage OpenRelik instances☆13Updated 2 months ago
- The ultimate repository for remotely deploying Crowdstrike sensors quickly and discreetly on any other EDR platform.☆23Updated 2 weeks ago
- A simple tool designed to create Atomic Red Team tests with ease.☆39Updated last month
- A high-speed forensic timeline creation tool for DFIR Investigators to quickly combine CSV files from EZ Tools/Kape, Axiom, Hayabusa, Cha…☆42Updated this week
- Detection Engineering with YARA☆87Updated last year
- Remote access and Antivirus Logging Database☆42Updated 11 months ago
- VelociraptorMCP is a Model Context Protocol bridge for exposing LLMs to MCP clients.☆17Updated last week
- Mapping of open-source detection rules and atomic tests.☆163Updated 3 months ago
- ☆16Updated 5 months ago
- Framework for Monitoring File Ingestion Source for Yara Matches☆46Updated last month
- ☆68Updated 4 months ago
- CarbonBlack EDR detection rules and response actions☆71Updated 7 months ago
- A specification and style guide for YARA rules☆48Updated last year
- God Mode Detection Rules☆134Updated 8 months ago
- This project is an Ansible Role to execute Atomic Red Team tests against multiple machines by wrapping Invoke-AtomicRedTeam☆27Updated 9 months ago
- Sigma detection rules for hunting with the threathunting-keywords project☆55Updated last month