Alternatives and similar repositories for Yara-rules

Users that are interested in Yara-rules are comparing it to the libraries listed below

• tasox / Epimitheus
  Epimitheus is a tool that uses graphical database Neo4j for Windows Events visualization.
  ☆19Updated 3 years ago
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆51Updated 6 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• iAbdullahMughal / dscan
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Updated 6 months ago
• snemes / malware-analysis
  ☆23Updated 4 years ago
• airbus-cert / PSTrace
  Trace ScriptBlock execution for powershell v2
  ☆40Updated 5 years ago
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• CERT-Polska / karton-config-extractor
  Static configuration extractor for the Karton framework
  ☆10Updated 4 months ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆38Updated last year
• nccgroup / Royal_APT
  Royal APT - APT15 - Related Information from NCC Group Cyber Defense Operations Research
  ☆53Updated 7 years ago
• stratosphereips / yara-rules
  Repository of Yara rules created by the Stratosphere team
  ☆26Updated 3 years ago
• telsy-cyberops / research
  Telsy CTI Research Team
  ☆57Updated 4 years ago
• Dump-GUY / CAPA_JsonConver
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆22Updated 3 years ago
• eset / volatility-browserhooks
  Volatility Framework plugin to detect various types of hooks as performed by banking Trojans
  ☆41Updated 6 years ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆44Updated 2 years ago
• fr0gger / SuperPeHasher
  SuperPeHasher is a wrapper for several hash algorithms dedicated to PE file.
  ☆27Updated 3 years ago
• accidentalrebel / mbcscan
  Scans a malware file and lists down the related MBC (Malware Behavior Catalog) details.
  ☆22Updated 2 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆44Updated 4 years ago
• tccontre / KnowledgeBase
  Collection of tips, tools, arsenal and techniques I've learned during RE and other CyberSecStuff
  ☆54Updated 3 months ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆25Updated 2 years ago
• idiom / activemime-format
  ActiveMime File Format Documentation
  ☆18Updated 3 years ago
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆36Updated last year
• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆24Updated 5 months ago
• Exploit-install / DKMC
  DKMC - Dont kill my cat - Malicious payload evasion tool
  ☆21Updated 7 years ago
• SecurityRiskAdvisors / PDBlaster
  ☆47Updated 5 years ago
• 3c7 / bazaar
  Python based CLI for MalwareBazaar
  ☆37Updated 6 months ago
• anyrun / blog-scripts
  ☆30Updated 5 months ago