anyrun / YARA
Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malicious artifacts.
☆26 · Updated 2 months ago
Alternatives and similar repositories for YARA
Users interested in YARA are comparing it to the repositories listed below.
- A YARA & Malware Analysis Toolkit written in Rust. ☆90 · Updated 3 months ago
- SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w… ☆54 · Updated last year
- Detection rule validation ☆40 · Updated 2 years ago
- orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them ☆34 · Updated 7 months ago
- Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence… ☆75 · Updated last month
- An experimental Velociraptor implementation using cloud infrastructure ☆26 · Updated last month
- A forensic open-source parser module for Autopsy that allows extracting the messages, comments, posts, contacts, calendar entries and rea… ☆114 · Updated last week
- ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing ☆41 · Updated this week
- A repository hosting example goodware evtx logs containing sample software installation and basic user interaction ☆86 · Updated last month
- Linux #rootkit and #malware revealer ☆30 · Updated last year
- C2 Active Scanner ☆59 · Updated last year
- Yara Rules for Modern Malware ☆78 · Updated last year
- Turn any blog into structured threat intelligence. ☆49 · Updated this week
- Rules Shared by the Community from 100 Days of YARA 2023 ☆78 · Updated 2 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts. ☆32 · Updated 2 months ago
- The backend server handling API requests and task management ☆55 · Updated this week
- A toolkit for the post-mortem examination of Docker containers from forensic HDD copies ☆107 · Updated last year
- A home for detection content developed by the delivr.to team ☆73 · Updated 5 months ago
- ☆52 · Updated 5 months ago
- Placeholder for my detection repo and misc detection engineering content ☆42 · Updated 2 years ago
- CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition ☆66 · Updated 3 years ago
- Initial triage of Windows Event logs ☆105 · Updated last year
- This script enhances endpoint logging telemetry for the purpose of advanced malware threat detection or for building detections or malwar… ☆38 · Updated 9 months ago
- Forensic Artifact Collection Tool Matrix ☆92 · Updated last year
- Detection Engineering with YARA ☆86 · Updated 2 years ago
- A zero dependency and customizable Python library for scanning Windows and Linux process memory. ☆66 · Updated last year
- Domain Response is a tool that is designed to help you automate the investigation for a domain. This tool is specifically designed to autom… ☆49 · Updated 3 weeks ago
- Convert Sigma rules to SIEM queries, directly in your browser. ☆107 · Updated this week
- A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value. Inspired by Industry N… ☆42 · Updated last week
- This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media. ☆46 · Updated 3 weeks ago