InQuest / yara-rulesLinks
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
☆379Updated 3 years ago
Alternatives and similar repositories for yara-rules
Users that are interested in yara-rules are comparing it to the libraries listed below
Sorting:
- Repository of YARA rules made by Trellix ATR Team☆608Updated 5 months ago
- IOC from articles, tweets for archives☆315Updated last year
- YARA Rules I come across on the internet☆349Updated last year
- YARA malware query accelerator (web frontend)☆435Updated 5 months ago
- Sigma rules from Joe Security☆219Updated 9 months ago
- Volatility plugin for extracts configuration data of known malware☆491Updated last year
- Collection of private Yara rules.☆365Updated 3 weeks ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups☆713Updated 2 years ago
- ReversingLabs YARA Rules☆840Updated last month
- Clusters and elements to attach to MISP events or attributes (like threat actors)☆579Updated last week
- c2 traffic☆189Updated 2 years ago
- Indicators from Unit 42 Public Reports☆719Updated last week
- Defanged Indicator of Compromise (IOC) Extractor.☆540Updated 11 months ago
- ☆175Updated last year
- Malware repository component for samples & static configuration with REST API interface.☆365Updated this week
- DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …☆331Updated 6 months ago
- Distributed malware processing framework based on Python, Redis and S3.☆435Updated this week
- Online hash checker for Virustotal and other services☆834Updated 5 months ago
- PCAP Samples for Different Post Exploitation Techniques☆365Updated 4 years ago
- Awesome VirusTotal Intelligence Search Queries☆333Updated 2 years ago
- Malware Configuration And Payload Extraction☆760Updated 9 months ago
- ☆129Updated 6 months ago
- Security ML models encoded as Yara rules☆213Updated 2 years ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆620Updated this week
- Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant☆237Updated 2 years ago
- Sophos-originated indicators-of-compromise from published reports☆626Updated 2 weeks ago
- ☆130Updated last year
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆352Updated 3 years ago
- A framework for orchestrating forensic collection, processing and data export☆326Updated this week
- ☆211Updated 2 months ago