Alternatives and similar repositories for YARA:

Users that are interested in YARA are comparing it to the libraries listed below

• pracsec / YaraTools
  Over 100K open-source YARA signatures evaluated against over 280K files to give insights into the performance of each YARA rule.
  ☆23Updated 2 years ago
• tstromberg / sunlight
  Linux #rootkit and #malware revealer
  ☆23Updated 6 months ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆23Updated last week
• NextronSystems / TA-aurora
  Splunk Technology-AddOn for Aurora Sigma-Based EDR Agent. It helps parse and configure the necessary inputs to neatly consume Aurora EDR …
  ☆13Updated 2 years ago
• embee-research / Icedid-file-decryptor
  Static Decryptor for IcedID Malware
  ☆18Updated 2 years ago
• 0xThiebaut / Signatures
  🚧 Currently transfering TLP:CLEAR rules from TLP:AMBER repository...
  ☆22Updated 10 months ago
• montysecurity / InfraSpyder
  Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.
  ☆27Updated last year
• cyberg3cko / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Updated 3 weeks ago
• AndrewRathbun / SANSGoldPaperResearch_FOR500_Rathbun
  A repository containing the research output from my GCFE Gold Paper which compared Windows 10 and Windows 11.
  ☆26Updated 2 years ago
• stairwell-inc / cobalt-strike-stager-parser
  ☆34Updated 2 years ago
• mdecrevoisier / Windows-authentication-brutforce-cheatsheet
  Assist analyst and threat hunters to understand Windows authentication logs and to analyze brutforce scenarios.
  ☆18Updated last year
• geeksniper / Red-team-toolkit
  this repo is for red team process and tools collection
  ☆20Updated 3 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• elceef / yara-rulz
  Collection of generic YARA rules
  ☆15Updated 8 months ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆38Updated 2 years ago
• Hestat / calamity
  A script to assist in processing forensic RAM captures for malware triage
  ☆27Updated 4 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆30Updated 2 years ago
• NexusFuzzy / raccoon_config
  Scans a list of raccoon servers from Tria.ge and extracts the config
  ☆15Updated last year
• 3ndG4me / AgentSmith
  Golang C2 Agent PoC utilizing web and social media paltforms to issue command and control and pasting results to PasteBin
  ☆16Updated 4 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 7 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆56Updated 2 months ago
• randomaccess3 / block-parser
  Parser for Windows PowerShell script block logs
  ☆13Updated last month
• ruppde / yara_rules
  Yara rules
  ☆20Updated last year
• AmirHoseinTangsiriNET / EventLogSilencer
  EventLogSilencer is a PowerShell script designed for disable Windows Event Logging
  ☆14Updated last year
• nullsection / SharpETW-Patch
  ☆22Updated last year
• ArsenalRecon / NetWireLogDecoder
  Scan and decode NetWire logs
  ☆11Updated 2 years ago
• alwashali / detection-validation
  Detection rule validation
  ☆41Updated last year
• blackarrowsec / malware-research
  Malware campaigns and APTs research by BlackArrow
  ☆18Updated 4 years ago
• qeeqbox / octopus
  Pure Honeypots with an automated bash script
  ☆20Updated 3 years ago
• 0xThiebaut / PCAPeek
  A proof-of-concept re-assembler for reverse VNC traffic.
  ☆25Updated last year