Alternatives and similar repositories for yara:

Users that are interested in yara are comparing it to the libraries listed below

• Yara-Rules / rules
  Repository of yara rules
  ☆4,264Updated 9 months ago
• InQuest / awesome-yara
  A curated list of awesome YARA rules, tools, and people.
  ☆3,659Updated 2 months ago
• volatilityfoundation / volatility
  An advanced memory forensics framework
  ☆7,483Updated last year
• mandiant / flare-floss
  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
  ☆3,387Updated last week
• mandiant / flare-vm
  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering env…
  ☆6,822Updated this week
• Neo23x0 / Loki
  Loki - Simple IOC and YARA Scanner
  ☆3,449Updated 2 months ago
• cuckoosandbox / cuckoo
  Cuckoo Sandbox is an automated dynamic malware analysis system
  ☆5,596Updated 2 years ago
• SpecterOps / BloodHound-Legacy
  Six Degrees of Domain Admin
  ☆10,012Updated 7 months ago
• mandiant / flare-fakenet-ng
  FakeNet-NG - Next Generation Dynamic Network Analysis Tool
  ☆1,840Updated last week
• Neo23x0 / signature-base
  YARA signature and IOC database for my scanners and tools
  ☆2,529Updated this week
• BishopFox / sliver
  Adversary Emulation Framework
  ☆8,819Updated this week
• LOLBAS-Project / LOLBAS
  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
  ☆7,239Updated 2 weeks ago
• SpiderLabs / Responder
  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…
  ☆4,586Updated 4 years ago
• lgandx / Responder
  Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv…
  ☆5,614Updated 4 months ago
• Gallopsled / pwntools
  CTF framework and exploit development library
  ☆12,316Updated this week
• EmpireProject / Empire
  Empire is a PowerShell and Python post-exploitation agent.
  ☆7,521Updated 5 years ago
• Ne0nd0g / merlin
  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  ☆5,141Updated last month
• fortra / impacket
  Impacket is a collection of Python classes for working with network protocols.
  ☆13,820Updated this week
• byt3bl33d3r / CrackMapExec
  A swiss army knife for pentesting networks
  ☆8,552Updated last year
• rshipp / awesome-malware-analysis
  Defund the Police.
  ☆12,205Updated 7 months ago
• infobyte / faraday
  Open Source Vulnerability Management Platform
  ☆5,166Updated last week
• mandiant / capa
  The FLARE team's open-source tool to identify capabilities in executable files.
  ☆5,016Updated this week
• MISP / MISP
  MISP (core software) - Open Source Threat Intelligence and Sharing Platform
  ☆5,488Updated this week
• ivre / ivre
  Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…
  ☆3,604Updated 2 weeks ago
• zeek / zeek
  Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.
  ☆6,608Updated this week
• mitre / caldera
  Automated Adversary Emulation Platform
  ☆5,804Updated this week
• Neo23x0 / yarGen
  yarGen is a generator for YARA rules
  ☆1,589Updated 7 months ago
• DominicBreuker / pspy
  Monitor linux processes without root permissions
  ☆5,068Updated 2 years ago
• paralax / awesome-honeypots
  an awesome list of honeypot resources
  ☆8,835Updated 5 months ago
• volatilityfoundation / volatility3
  Volatility 3.0 development
  ☆2,845Updated this week