Alternatives and similar repositories for YaraRules:

Users that are interested in YaraRules are comparing it to the libraries listed below

• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆29Updated this week
• matthw / malware_analysis
  ☆18Updated last year
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆20Updated last year
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated last year
• FarghlyMal / Config-Extractors
  ☆25Updated 4 months ago
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆105Updated last month
• mertdas / SharpLDAP
  SharpLDAP is a tool written in C# that aims to do enumeration via LDAP queries
  Updated 2 years ago
• san3ncrypt3d / AESShellCodeInjector
  This program will take encrypted shell code and decrypt it in run time and inject it into another process
  ☆29Updated 3 years ago
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆55Updated last year
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆93Updated 2 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated last year
• advanced-threat-research / NetLlix
  A project created with an aim to emulate and test exfiltration of data over different network protocols.
  ☆31Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆39Updated 6 months ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated last year
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated last year
• RedTeamOperations / Detecting-Adversarial-Tradecrafts-Tools-by-leveraging-ETW
  CyberWarFare Labs hands-on workshop on the topic "Detecting Adversarial Tradecrafts/Tools by leveraging ETW"
  ☆48Updated 3 years ago
• dru1d-foofus / GetLAPSPassword
  A LAPS dumper written using the impacket library.
  ☆31Updated last year
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated 10 months ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• mr-r3b00t / NotProxyShellHunter
  Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082
  ☆25Updated 2 years ago
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆53Updated 3 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• nettitude / SyscallsExtractor
  ☆23Updated 3 years ago
• EgeBalci / syscall_api
  ☆37Updated last year
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated last year
• lawiet47 / autoresponder
  Carbon Black Response IR tool
  ☆53Updated 4 years ago