A curated list of awesome YARA rules, tools, and people.
☆33Oct 26, 2023Updated 2 years ago
Alternatives and similar repositories for awesome-yara
Users that are interested in awesome-yara are comparing it to the libraries listed below
Sorting:
- Knowledge base of analytics designed to cover threats based on MITRE's ATT&CK.☆23Dec 13, 2018Updated 7 years ago
- Some YARA rules i will add from time to time☆12May 31, 2019Updated 6 years ago
- A collection of typical false positive indicators☆56Dec 5, 2020Updated 5 years ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Recipes for GCHQ's CyberChef Web App☆39Nov 15, 2018Updated 7 years ago
- Providing timelines based on OSINT Reports☆31Jun 21, 2023Updated 2 years ago
- A curated list of awesome threat detection and hunting resources☆10Mar 23, 2018Updated 7 years ago
- Automated Real-Time Threat Hunting with ATD, Active Response and Elasticsearch/Kibana☆10Aug 17, 2018Updated 7 years ago
- pocket guide for core threat hunting concepts☆23May 6, 2020Updated 5 years ago
- Python based Office Macro Generator. Also does rudamentary obfuscation.☆12Jun 6, 2016Updated 9 years ago
- ☆13Nov 10, 2020Updated 5 years ago
- Poison Ivy Appendix/Extras☆18Aug 21, 2013Updated 12 years ago
- SIEM USE Case Selection Methodology☆17Sep 18, 2020Updated 5 years ago
- THOR MITRE ATT&CK Framework Coverage☆25Jun 15, 2020Updated 5 years ago
- An npm package for extracting common IoC (Indicator of Compromise) from a block of text☆59Oct 5, 2025Updated 5 months ago
- API hashing written in C to load APIs indirectly using CRC32 hashing☆15Jul 27, 2020Updated 5 years ago
- Script to pull newly-registered domains and check for similarity against a provided word list.☆13Aug 2, 2020Updated 5 years ago
- InSpec profile to validate the secure configuration of Red Hat Enterprise Linux 7, against DISA's Red Hat Enterprise Linux 7 Security Tec…☆15Dec 15, 2025Updated 2 months ago
- ☆23Mar 17, 2024Updated last year
- Easily scan with multiple yara rules from different sources.☆14Mar 9, 2024Updated 2 years ago
- Repository of Cofense Coronavirus Phishing Yara Rules (details can be found here: https://cofense.com/solutions/topic/coronavirus-infocen…☆10Jul 7, 2020Updated 5 years ago
- A collection of YARA rules for public use. Built from information in intelligence profiles, dossiers and file work.☆18Sep 10, 2023Updated 2 years ago
- ☆36Jan 11, 2023Updated 3 years ago
- A YARA Rule Performance Measurement Tool☆61Feb 26, 2024Updated 2 years ago
- Volatility plugin to help identify DoublePulsar implant by listing the array of pointers SrvTransaction2DispatchTable from the srv.sys dr…☆16Aug 14, 2017Updated 8 years ago
- Simple decrypter for Java AdWind, jRAT, jBifrost trojan☆17Jan 17, 2017Updated 9 years ago
- Generates YARA rules to detect malware using API hashing☆17Mar 16, 2021Updated 4 years ago
- Miscellaneous Scripts☆17Sep 11, 2020Updated 5 years ago
- Tools for parsing Forensic images☆41Dec 14, 2018Updated 7 years ago
- Web app that provides basic navigation and annotation of ATT&CK matrices☆17Nov 7, 2020Updated 5 years ago
- Domain Connectivity Analysis Tools to analyze aggregate connectivity patterns across a set of domains during security investigations☆46Nov 1, 2021Updated 4 years ago
- Simple SYSLOG client in Go☆22Jun 5, 2025Updated 9 months ago
- ☆21Jul 27, 2020Updated 5 years ago
- Python OpenIOC Editor☆18Dec 28, 2015Updated 10 years ago
- ☆18Apr 4, 2019Updated 6 years ago
- PE Import Hash Generator☆79Jul 17, 2017Updated 8 years ago
- Parse YARA rules and operate over them more easily.☆195Feb 6, 2025Updated last year
- A script to create and assign SOP tasks into the cases☆20Aug 16, 2020Updated 5 years ago
- Awesome VirusTotal Intelligence Search Queries☆332May 16, 2023Updated 2 years ago