Alternatives and similar repositories for yara-endpoint

Users that are interested in yara-endpoint are comparing it to the libraries listed below

• nccgroup / yaml2yara

  View on GitHub
  Generate bulk YARA rules from YAML input
  ☆22Feb 3, 2020Updated 6 years ago
• Xumeiquer / yara-forensics

  View on GitHub
  Set of Yara rules for finding files using magics headers
  ☆142Sep 8, 2020Updated 5 years ago
• ThreatHuntingProject / hunter

  View on GitHub
  A threat hunting / data analysis environment based on Python, Pandas, PySpark and Jupyter Notebook.
  ☆252Jul 19, 2021Updated 4 years ago
• godaddy / yara-rules

  View on GitHub
  YARA rules for use with ProcFilter
  ☆90Jul 28, 2017Updated 8 years ago
• spyre-project / spyre

  View on GitHub
  simple YARA-based IOC scanner
  ☆175Jan 9, 2026Updated last month
• sroberts / cacador

  View on GitHub
  Indicator Extractor
  ☆141Jul 14, 2018Updated 7 years ago
• alexander-hanel / ida_yara

  View on GitHub
  A python script that can be used to scan data within in an IDB using Yara.
  ☆23Sep 4, 2018Updated 7 years ago
• BayshoreNetworks / yextend

  View on GitHub
  Yara integrated software to handle archive file data.
  ☆322May 9, 2022Updated 3 years ago
• CanTopay / thehive-playbook-creator

  View on GitHub
  A script to create and assign SOP tasks into the cases
  ☆20Aug 16, 2020Updated 5 years ago
• tenable / yara-rules

  View on GitHub
  Repository of yara rules
  ☆60Nov 29, 2022Updated 3 years ago
• InQuest / yara-rules

  View on GitHub
  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
  ☆388May 11, 2022Updated 3 years ago
• SupportIntelligence / Icewater

  View on GitHub
  16,432 Free Yara rules created by
  ☆390Jun 1, 2019Updated 6 years ago
• botherder / go-autoruns

  View on GitHub
  Collect autorun records from running system
  ☆59Jan 21, 2022Updated 4 years ago
• PUNCH-Cyber / YaraGuardian

  View on GitHub
  Django web interface for managing Yara rules
  ☆197Jul 28, 2018Updated 7 years ago
• blockadeio / cloud_node

  View on GitHub
  Python-based cloud node for local use
  ☆11Mar 7, 2018Updated 7 years ago
• mutedmouse / ta-volatility

  View on GitHub
  Technical add-on to ingest json formatted volatility memory analysis plugin outputs
  ☆13May 21, 2018Updated 7 years ago
• muteb / Hoarder

  View on GitHub
  This script is made to collect the most valiable artifacts for foreniscs or incident reponse investigation rather than imaging the whole …
  ☆209Oct 19, 2020Updated 5 years ago
• DearBytes / Opensource-Endpoint-Monitoring

  View on GitHub
  This repository contains all the config files and scripts used for our Open Source Endpoint monitoring project.
  ☆35Jul 8, 2019Updated 6 years ago
• n3l5 / irCRpull

  View on GitHub
  irCRpull is a PowerShell script utilized to pull several system artifacts, utilizing the free tool CrowdResponse, from a live Win7+ syste…
  ☆14Mar 25, 2015Updated 10 years ago
• forensicmatt / RustyReg

  View on GitHub
  Registry to JSON. This Project is for learning purposes and is not maintained.
  ☆12Dec 28, 2021Updated 4 years ago
• DissectMalware / base64_substring

  View on GitHub
  Generate a Yara rule to find base64-encoded files containg a specific keyword
  ☆40Jul 13, 2018Updated 7 years ago
• NextronSystems / thor-manual

  View on GitHub
  THOR APT Scanner User Manual
  ☆20Jan 30, 2026Updated 2 weeks ago
• Northern-Lights / yara-parser

  View on GitHub
  Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
  ☆85Dec 21, 2022Updated 3 years ago
• mitre / multiscanner

  View on GitHub
  Modular file scanning/analysis framework
  ☆621Oct 8, 2019Updated 6 years ago
• godaddy / procfilter

  View on GitHub
  A YARA-integrated process denial framework for Windows
  ☆397Feb 15, 2020Updated 6 years ago
• Invoke-IR / ACE

  View on GitHub
  Automated, Collection, and Enrichment Platform
  ☆324Nov 14, 2019Updated 6 years ago
• certsocietegenerale / fame

  View on GitHub
  FAME Automates Malware Evaluation
  ☆926Dec 16, 2025Updated last month
• TryCatchHCF / DumpsterFire

  View on GitHub
  "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security …
  ☆1,035May 27, 2020Updated 5 years ago
• CIRCL / yara-validator

  View on GitHub
  Validates yara rules and tries to repair the broken ones.
  ☆41Sep 5, 2020Updated 5 years ago
• Hestat / lw-yara

  View on GitHub
  Yara Ruleset for scanning Linux servers for shells, spamming, phishing and other webserver baddies
  ☆107Mar 4, 2021Updated 4 years ago
• KasperskyLab / klara

  View on GitHub
  Kaspersky's GReAT KLara
  ☆730Jul 24, 2024Updated last year
• danielguerra69 / docker-moloch

  View on GitHub
  A Docker container for Moloch based on minimal Debian
  ☆13Jun 23, 2017Updated 8 years ago
• Yara-Rules / YaraRET

  View on GitHub
  Carving tool based in Radare2 & Yara
  ☆17Oct 30, 2018Updated 7 years ago
• kf0jvt / osq_simulator

  View on GitHub
  ☆15Nov 11, 2015Updated 10 years ago
• LDO-CERT / mans_to_es

  View on GitHub
  Parses the FireEye HX .mans triage collections and sends them to ElasticSearch
  ☆16Feb 17, 2023Updated 2 years ago
• ion-storm / sysmon-config

  View on GitHub
  Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into …
  ☆818Nov 5, 2023Updated 2 years ago
• Invoke-IR / PowerForensicsPortable

  View on GitHub
  ☆33Nov 21, 2024Updated last year
• AustralianCyberSecurityCentre / windows_event_logging

  View on GitHub
  Windows Event Forwarding subscriptions, configuration files and scripts that assist with implementing ACSC's protect publication, Technic…
  ☆227Feb 5, 2025Updated last year
• Velocidex / evtx-data

  View on GitHub
  Publicly shareable windows event log message data
  ☆28Nov 29, 2019Updated 6 years ago