Alternatives and similar repositories for YaraRules

Users that are interested in YaraRules are comparing it to the libraries listed below

• JPCERTCC / CobaltStrike-Config
  Repository for archiving Cobalt Strike configuration
  ☆30Updated this week
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• matthw / malware_analysis
  ☆18Updated last year
• SIFalcon / Detection
  ☆22Updated last year
• EgeBalci / syscall_api
  ☆37Updated last year
• MALWARE-ATLAS / ATLAS
  ATLAS - Malware Analysis Description
  ☆21Updated last year
• paranoidninja / Cobaltstrike-Detection
  This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared
  ☆89Updated last year
• FarghlyMal / Config-Extractors
  ☆27Updated 5 months ago
• VirtualAlllocEx / Taskschedule-Persistence-Download-Cradles
  Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged
  ☆86Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆43Updated last year
• 0xTriboulet / ZeroTotal
  A collection of source code, binaries, and compilation scripts designed to bypass detection
  ☆25Updated 2 years ago
• phackt / wptsextensions.dll
  WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.
  ☆54Updated 3 years ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆39Updated 2 years ago
• tccontre / Reg-Restore-Persistence-Mole
  a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…
  ☆51Updated last year
• vvelitkn / Evasion-Escaper
  Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…
  ☆106Updated 3 months ago
• lasq88 / MalwareAnalysis
  Malware Analysis tools
  ☆26Updated 8 months ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• lapolis / palinka_c2
  Just another useless C2 occupying space in some HDD somewhere.
  ☆20Updated last year
• JPCERTCC / Lazarus-research
  Lazarus analysis tools and research report
  ☆56Updated last year
• decoder-it / Troopers24
  ☆41Updated 10 months ago
• RomanRII / jenkins-strike
  Cobalt Strike profile generator using Jenkins to automate the heavy lifting
  ☆36Updated 2 years ago
• san3ncrypt3d / AESShellCodeInjector
  This program will take encrypted shell code and decrypt it in run time and inject it into another process
  ☆29Updated 3 years ago
• MythicC2Profiles / http
  Simple HTTP async comms using standard GET/POST requests
  ☆33Updated 2 months ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆43Updated last year
• knight0x07 / PoC-Malware-TTPs
  PoC-Malware-TTPs
  ☆49Updated 2 years ago
• mertdas / SharpLDAP
  SharpLDAP is a tool written in C# that aims to do enumeration via LDAP queries
  ☆1Updated 2 years ago
• rivitna / APT
  ☆14Updated 2 years ago
• StrikeReady-Inc / samples
  shared samples from #dailyphish and/or #apt tweets
  ☆39Updated 2 weeks ago
• X-Junior / Malware-IDAPython-Scripts
  ☆22Updated 11 months ago