SCILabsMX/yaraZeekAlert external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

SCILabsMX/yaraZeekAlert

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/SCILabsMX/yaraZeekAlert)

Close

SCILabsMX / yaraZeekAlertView on GitHubMore

• External links
• Readme badge

This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a match it sends email alerts to the email address specified in the mailTo parameter on yaraAlert.conf file. The alert includes network context of the file transfer and attaches the suspicious file if it is less tha…

☆62Dec 16, 2023Updated 2 years ago

Alternatives and similar repositories for yaraZeekAlert

Users that are interested in yaraZeekAlert are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• k-vitali / operation-shadowhammer

  View on GitHub
  This repository contains various files linked to Operation Shadowhammer as it was originally discovered by Kaspersky Team.
  ☆12Mar 27, 2019Updated 7 years ago
• arieljt / VTCodeSimilarity-YaraGen

  View on GitHub
  ☆98Oct 7, 2020Updated 5 years ago
• target / halogen

  View on GitHub
  Automatically create YARA rules from malicious documents.
  ☆211May 16, 2022Updated 3 years ago
• corelight / zeek2es

  View on GitHub
  A Python application to filter and transfer Zeek logs to Elastic/OpenSearch+Humio. This app can also output pure JSON logs to stdout for…
  ☆39Aug 18, 2022Updated 3 years ago
• 100DaysofYARA / 2022

  View on GitHub
  ☆23Dec 15, 2022Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• joesecurity / Joe-Sandbox-Bro

  View on GitHub
  JoeSandbox-Bro is a simple bro script which extracts files from your internet connection and analyzes them automatically on Joe Sandbox
  ☆44Jun 6, 2019Updated 6 years ago
• immortalp0ny / yarg

  View on GitHub
  Yet another rule generator for Yara
  ☆29Jun 6, 2025Updated 10 months ago
• hosom / file-extraction

  View on GitHub
  Extract files from network traffic with Zeek.
  ☆102Mar 17, 2020Updated 6 years ago
• dale-lakes / MegaDev

  View on GitHub
  Bro IDS + ELK Stack to detect and block data exfiltration
  ☆46Oct 31, 2018Updated 7 years ago
• sbousseaden / YaraHunts

  View on GitHub
  Random hunting ordiented yara rules
  ☆96Mar 27, 2023Updated 3 years ago
• arbor / reversing

  View on GitHub
  ASERT shared scripts for reversing
  ☆32Feb 5, 2018Updated 8 years ago
• Xen0ph0n / YaraGenerator

  View on GitHub
  Automatic Yara Rule Generation
  ☆333Feb 2, 2016Updated 10 years ago
• salesforce / multithreaded-exfil-detection

  View on GitHub
  A simple way of detecting multithreaded exfiltration in Zeek.
  ☆15May 1, 2025Updated 11 months ago
• umarfarook882 / Tornado_Demo_Vuln_App

  View on GitHub
  Tornado Demo Vulnerable Application to test SQL injection vulnerability and patch it using RASP (Runtime Application Self-Protection)
  ☆11Nov 15, 2017Updated 8 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• deadbits / yara-rules

  View on GitHub
  Collection of YARA signatures from individual research
  ☆44Nov 20, 2023Updated 2 years ago
• MITRECND / bro-http2

  View on GitHub
  Plugin for Zeek/Bro which provides http2 decoder/analyzer
  ☆30Jun 11, 2024Updated last year
• advanced-threat-research / Ripple-20-Detection-Logic

  View on GitHub
  Ripple20 Critical Vulnerabilities - Detection Logic and Signatures
  ☆12May 28, 2021Updated 4 years ago
• silascutler / MiscMalware

  View on GitHub
  Misc malware stuff
  ☆11Sep 30, 2020Updated 5 years ago
• wolf0x / honeynet

  View on GitHub
  Sentinel Guard - Use to build up Honeypot and Honeynet with ZERO cost easily and simply.
  ☆18Jul 25, 2021Updated 4 years ago
• SuperCowPowers / zat

  View on GitHub
  Zeek Analysis Tools (ZAT): Processing and analysis of Zeek network data with Pandas, scikit-learn, Kafka and Spark
  ☆454Mar 19, 2026Updated 3 weeks ago
• corelight / zeek-long-connections

  View on GitHub
  Zeek package for tracking long connections to report them before they have completed.
  ☆31Nov 25, 2025Updated 4 months ago
• mauronz / binja-emotet

  View on GitHub
  ☆19Sep 21, 2020Updated 5 years ago
• silascutler / MalPipe

  View on GitHub
  Malware/IOC ingestion and processing engine
  ☆110Nov 20, 2018Updated 7 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• KasperskyLab / klara

  View on GitHub
  Kaspersky's GReAT KLara
  ☆733Jul 24, 2024Updated last year
• carbonblack / active_c2_ioc_public

  View on GitHub
  Active C2 IoCs
  ☆99Nov 28, 2022Updated 3 years ago
• sud0woodo / Urgent11-Suricata-LUA-scripts

  View on GitHub
  Suricata LUA scripts to detect CVE-2019-12255, CVE-2019-12256, CVE-2019-12258, and CVE-2019-12260
  ☆19Nov 28, 2019Updated 6 years ago
• mytechnotalent / Zeek-Network-Security-Monitor

  View on GitHub
  A Zeek Network Security Monitor tutorial that will cover the basics of creating a Zeek instance on your network in addition to all of the…
  ☆61Nov 26, 2025Updated 4 months ago
• tsale / TA_tooling

  View on GitHub
  ☆10Dec 24, 2022Updated 3 years ago
• ninoseki / iocingestor

  View on GitHub
  An extendable tool to extract and aggregate IoCs from threat feeds
  ☆33Feb 6, 2024Updated 2 years ago
• stairwell-inc / cobalt-strike-stager-parser

  View on GitHub
  ☆36Jan 11, 2023Updated 3 years ago
• michalpurzynski / zeek-scripts

  View on GitHub
  zeek-scripts
  ☆44Dec 27, 2018Updated 7 years ago
• OALabs / findyara-ida

  View on GitHub
  IDA python plugin to scan binary with Yara rules
  ☆181Jan 30, 2024Updated 2 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• CriticalPathSecurity / Zeek-Intelligence-Feeds

  View on GitHub
  Zeek-Formatted Threat Intelligence Feeds
  ☆394Updated this week
• Cyb3r-Monk / RITA-J

  View on GitHub
  Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
  ☆209Jul 21, 2022Updated 3 years ago
• Yara-Rules / yara-endpoint

  View on GitHub
  Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.
  ☆109Mar 13, 2018Updated 8 years ago
• StrangerealIntel / DailyIOC

  View on GitHub
  IOC from articles, tweets for archives
  ☆318Dec 12, 2023Updated 2 years ago
• Xumeiquer / yara-forensics

  View on GitHub
  Set of Yara rules for finding files using magics headers
  ☆142Sep 8, 2020Updated 5 years ago
• RomanEmelyanov / CobaltStrikeForensic

  View on GitHub
  Toolset for research malware and Cobalt Strike beacons
  ☆211Mar 11, 2025Updated last year
• aboutsecurity / Bro-samples

  View on GitHub
  Network Forensics Bro scripts & pcap samples
  ☆63Mar 11, 2014Updated 12 years ago