Threat Detection Rules (Snort/Sigma/Yara)
☆14 · Jan 23, 2024 · Updated 2 years ago
Alternatives and similar repositories for detection
Users that are interested in detection are comparing it to the libraries listed below
- ☆15 · Nov 25, 2021 · Updated 4 years ago
- a-ray-grass is a yara module that provides support for DCSO-format bloom filters in yara. In the context of hashlookup, it allows quickly… ☆14 · Aug 19, 2022 · Updated 3 years ago
- ☆10 · Dec 24, 2022 · Updated 3 years ago
- Unpacking and decryption tools for the Emotet malware ☆44 · Dec 5, 2021 · Updated 4 years ago
- Cyber Threats Detection Rules ☆14 · Sep 16, 2025 · Updated 6 months ago
- Repository to provide files related to our blog articles. ☆16 · May 26, 2025 · Updated 9 months ago
- An extendable tool to extract and aggregate IoCs from threat feeds ☆33 · Feb 6, 2024 · Updated 2 years ago
- OpenCTI Documentation Space ☆26 · Dec 18, 2025 · Updated 3 months ago
- Debian and Red Hat packaging for SIE DNS sensor ☆15 · May 5, 2023 · Updated 2 years ago
- ☆64 · Apr 1, 2021 · Updated 4 years ago
- Sigma detection rules for hunting with the threathunting-keywords project ☆58 · Mar 2, 2025 · Updated last year
- Alternative password shadowing scheme ☆10 · Feb 22, 2026 · Updated 3 weeks ago
- ☆11 · Feb 9, 2023 · Updated 3 years ago
- Threat intelligence and threat detection indicators (IOC, IOA) ☆52 · Nov 27, 2020 · Updated 5 years ago
- Incremental Machine Learning by example - Detecting suspicious activity in real time with Zeek data streams, River and JA3 hashes ☆16 · Aug 10, 2022 · Updated 3 years ago
- Onsite Analysis Infrastructure ☆16 · Jun 23, 2020 · Updated 5 years ago
- 🌌 Real-time threat detection for smart contracts ☆10 · May 16, 2023 · Updated 2 years ago
- A collection of typical false positive indicators ☆56 · Dec 5, 2020 · Updated 5 years ago
- Collection of DBI evasion techniques ☆16 · Jan 25, 2022 · Updated 4 years ago
- Event Query Router ☆12 · Aug 9, 2019 · Updated 6 years ago
- This directory contains random scripts from threat hunting or malware research ☆11 · Feb 15, 2018 · Updated 8 years ago
- ☆19 · Jan 31, 2025 · Updated last year
- Collection of scripts / samples / snippets around the community service at www.filescan.io ☆17 · Nov 6, 2025 · Updated 4 months ago
- Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups ☆60 · Oct 28, 2022 · Updated 3 years ago
- automated-arancino is a lightweight analysis framework to automate malware experiments. ☆16 · Apr 17, 2017 · Updated 8 years ago
- ☆15 · Apr 8, 2023 · Updated 2 years ago
- Python bindings for the Zydis disassembler library ☆17 · Jul 2, 2019 · Updated 6 years ago
- CLI Search for Security Operators of MITRE ATT&CK URLs ☆17 · Jan 5, 2023 · Updated 3 years ago
- ETHICAL-HACKING ☆12 · Dec 20, 2023 · Updated 2 years ago
- A simple IDA Pro plugin to show all HexRays decompiler comments written by user ☆23 · Sep 3, 2021 · Updated 4 years ago
- Legacy password hashing framework for PHP applications needing to support or having previously supported PHP below 5.5 ☆16 · Nov 22, 2024 · Updated last year
- Library to hide DBI artifacts when using Intel Pin. Code from the ASIA CCS 2019 paper "SoK: Using Dynamic Binary Instrumentation for Secu… ☆24 · Nov 12, 2019 · Updated 6 years ago
- Generate representative samples from Pwned Passwords (HIBP) ☆11 · Jan 6, 2022 · Updated 4 years ago
- Perform file-based malware scan on your on-prem servers with AWS ☆14 · Oct 31, 2023 · Updated 2 years ago
- ☆10 · Dec 3, 2021 · Updated 4 years ago
- ☆51 · Jun 28, 2022 · Updated 3 years ago
- Queries for Carbon Black Response ☆11 · Feb 11, 2020 · Updated 6 years ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a… ☆10 · Sep 15, 2022 · Updated 3 years ago
- Create dataset for suricata with indicators of MISP instances and add sightings in MISP if an indicator of dataset generates an alert ☆37 · Nov 9, 2022 · Updated 3 years ago