A YARA rules repository continuously updated for monitoring old and new threats from articles, incident responses ...
☆141 Nov 19, 2023 Updated 2 years ago
Alternatives and similar repositories for Orion
Users that are interested in Orion are comparing it to the libraries listed below
- Hundred Days of Yara Challenge ☆12 Jun 21, 2022 Updated 3 years ago
- Sigma rules to share with the community ☆124 Jan 29, 2025 Updated last year
- IOC from articles, tweets for archives ☆318 Dec 12, 2023 Updated 2 years ago
- JPCERT/CC public YARA rules repository ☆109 Nov 14, 2025 Updated 3 months ago
- 100 Days of YARA to be updated with rules & ideas as the year progresses ☆60 Jan 18, 2023 Updated 3 years ago
- A Modular MWDB Utility to Collect Fresh Malware Samples ☆34 May 17, 2021 Updated 4 years ago
- ☆215 Jun 5, 2025 Updated 8 months ago
- The Threat Hunting In Rapid Iterations (THIRI) Jupyter notebook is designed as a research aide to let you rapidly prototype threat huntin… ☆154 Apr 25, 2022 Updated 3 years ago
- ☆553 Dec 4, 2023 Updated 2 years ago
- ☆96 May 5, 2025 Updated 9 months ago
- Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups ☆723 Dec 26, 2022 Updated 3 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net. ☆387 May 11, 2022 Updated 3 years ago
- YARI is an interactive debugger for YARA Language. ☆90 Sep 10, 2025 Updated 5 months ago
- Repository of YARA rules made by Trellix ATR Team ☆625 Mar 18, 2025 Updated 11 months ago
- Collection of rules created using YARA-Signator over Malpedia ☆141 Jan 6, 2026 Updated last month
- A guide on how to write fast and memory friendly YARA rules ☆166 Feb 11, 2025 Updated last year
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team. ☆23 Jan 31, 2024 Updated 2 years ago
- ☆14 Oct 25, 2022 Updated 3 years ago
- ☆66 Jan 27, 2023 Updated 3 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event… ☆77 Jul 13, 2021 Updated 4 years ago
- A Python script developed to process Windows memory images based on triage type. ☆266 Nov 25, 2023 Updated 2 years ago
- Tools for assisting the reverse engineering of Qakbot ☆11 Jul 21, 2021 Updated 4 years ago
- ☆23 Jul 7, 2023 Updated 2 years ago
- Imphash-like calculation on Golang binaries ☆49 Jul 2, 2022 Updated 3 years ago
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm. ☆208 Jul 21, 2022 Updated 3 years ago
- Helper scripts to automate the extraction of YARA rules from XProtectRemediators ☆22 Mar 5, 2024 Updated last year
- ReversingLabs YARA Rules ☆898 Nov 3, 2025 Updated 3 months ago
- ☆138 Apr 20, 2023 Updated 2 years ago
- This repository contains analysis scripts, YARA rules, and additional IoCs related to our Telekom Security blog posts. ☆118 Dec 13, 2023 Updated 2 years ago
- ☆512 Oct 7, 2024 Updated last year
- Volatility plugin for extracting configuration data of known malware ☆495 Dec 22, 2023 Updated 2 years ago
- Yara station is a management portal for Neo23x0-Loki. The mission is to transform the standalone nature of the Loki scanner into a centra… ☆35 Feb 1, 2022 Updated 4 years ago
- ☆18 Mar 26, 2024 Updated last year
- Configuration Extractors for Malware ☆124 Apr 23, 2025 Updated 10 months ago
- Collection of YARA signatures from individual research ☆44 Nov 20, 2023 Updated 2 years ago
- ☆11 Mar 12, 2021 Updated 4 years ago
- ☆12 Jun 29, 2021 Updated 4 years ago
- ☆129 Jan 29, 2024 Updated 2 years ago
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 Dec 17, 2025 Updated 2 months ago