Alternatives and similar repositories for Yara-rules

Users that are interested in Yara-rules are comparing it to the libraries listed below

• snemes / malware-analysis
  ☆23Updated 4 years ago
• stairwell-inc / threat-research
  Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
  ☆22Updated last year
• StrangerealIntel / DeltaFlare
  ☆12Updated 3 years ago
• proferosec / Threat-Intelligence
  A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.
  ☆10Updated 5 years ago
• iAbdullahMughal / dscan
  D-Scan project for office document analysis and generating flow diagram of macro in documents. For demo visit
  ☆29Updated last week
• hasherezade / mal_unpack_py
  Python wrappers for mal_unpack
  ☆36Updated last year
• Sh3llyR / statiStrings
  YARA Rule Strings Statistics Calculator and Malware Research Helper
  ☆13Updated 3 years ago
• mandiant / win10_rekall
  Rekall Memory Forensic Framework
  ☆32Updated 5 years ago
• mandiant / apooxml
  Generate YARA rules for OOXML documents.
  ☆38Updated 2 years ago
• hasherezade / tag_converter
  ☆22Updated 4 years ago
• CERT-Polska / karton-config-extractor
  Static configuration extractor for the Karton framework
  ☆10Updated 5 months ago
• MITRECND / picaboo
  Specialized tool to dump Position Independent Code.
  ☆22Updated 4 years ago
• jeFF0Falltrades / IoCs
  A collection of Indicators of Compromise (IoCs), most aligning with samples derived from the signatures in the YARA-Signatures repo
  ☆30Updated 5 years ago
• fr0gger / Yara-Unprotect
  This repository regroups the Yara Rules for the Unprotect Project
  ☆26Updated 4 years ago
• anyrun / blog-scripts
  ☆30Updated 7 months ago
• MITRECND / d20
  Automated Static Analysis Framework
  ☆9Updated 3 years ago
• sisoma2 / malware_analysis
  Scripts, Yara rules and other files developed during malware investigations
  ☆25Updated 2 years ago
• stvemillertime / ConventionEngine
  ConventionEngine - A Yara Rulepack for PDB Path Hunting
  ☆38Updated 2 years ago
• ail-project / ail-yara-rules
  A set of YARA rules for the AIL framework to detect leak or information disclosure
  ☆38Updated 4 months ago
• threatexpress / procdot_sandbox
  ProcDot Malware Sandbox
  ☆24Updated 7 months ago
• Dump-GUY / CAPA_JsonConver
  Converts exported results of CAPA tool from .json format to another formats supporting by different tools.
  ☆22Updated 3 years ago
• seifreed / awesome-sandbox-evasion
  A summary about different projects/presentations/tools to test how to evade malware sandbox systems
  ☆51Updated 6 years ago
• raw-data / malarchive
  Malware samples observed in the wild from time to time
  ☆12Updated 5 years ago
• jymcheong / aptc
  Automated Payload Test Controller
  ☆10Updated 8 years ago
• tbarabosch / apihash_to_yara
  Generates YARA rules to detect malware using API hashing
  ☆17Updated 4 years ago
• rivitna / APT
  ☆14Updated 2 years ago
• imp0rtp3 / yara-rules
  Yara rules written by me, for free use.
  ☆19Updated 3 years ago
• fr0gger / MalwareMuncher
  Malware Muncher is a proof-of-concept Python script that utilizes the Frida framework for binary instrumentation and API hooking, enablin…
  ☆45Updated 2 years ago
• Dump-GUY / Invoke-DetectItEasy
  Invoke-DetectItEasy is a wrapper for excelent tool called Detect-It-Easy. This PS module is very useful for Threat Hunting and Forensics.
  ☆25Updated 3 years ago
• memprocfshunt / MemProcFSHunter
  A powershell parser for https://github.com/ufrisk/MemProcFS
  ☆44Updated 4 years ago