Alternatives and similar repositories for YARA

Users that are interested in YARA are comparing it to the libraries listed below

• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated 2 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 7 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆55Updated last year
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆92Updated this week
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Updated last month
• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆78Updated last year
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆51Updated 9 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆76Updated last month
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆100Updated 2 years ago
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆38Updated last month
• c2links / NoWhere2Hide
  C2 Active Scanner
  ☆59Updated last year
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆108Updated last year
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 5 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆46Updated last year
• openrelik / openrelik-server
  The backend server handling API requests and task management
  ☆55Updated this week
• Bert-JanP / Domain-Response
  Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specificly designed to autom…
  ☆49Updated last month
• muchdogesec / obstracts
  Turn any blog into structured threat intelligence.
  ☆51Updated this week
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• stark4n6 / Arc2Lite
  A simple script to read the contents of a zip/tar/folder and extract metadata
  ☆21Updated 4 months ago
• mthcht / ThreatHunting-Keywords-sigma-rules
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆58Updated 11 months ago
• Neo23x0 / god-mode-rules
  God Mode Detection Rules
  ☆135Updated last year
• ThreatMon / ThreatMon-Reports-IOC
  ☆52Updated 5 months ago
• huebicode / abuselookup-gui
  A GUI to query the API of abuse.ch.
  ☆70Updated 3 years ago
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆82Updated 8 months ago
• alwashali / detection-validation
  Detection rule validation
  ☆40Updated 2 years ago
• fulmetalpackets / protohacking
  This repository contains the code and PCAPS used for the SANS webinar, "Hacking Proprietary Protocols" given on February 23, 2021.
  ☆34Updated 3 years ago
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated 3 months ago
• ThreatMon / ThreatMon-Daily-C2-Feeds
  IOC Stream and Command and Control Database Containing Command and Control (C2) Servers Detected Daily by ThreatMon.
  ☆69Updated 2 years ago
• joeavanzato / crackdown
  Helping Incident Responders hunt for potential persistence mechanisms on UNIX-based systems.
  ☆17Updated 2 years ago