Alternatives and similar repositories for YARA

Users that are interested in YARA are comparing it to the libraries listed below

• NextronSystems / CyberChef
  CyberChef - Detection Engineering, TI, DFIR, Malware Analysis Edition
  ☆66Updated 3 years ago
• Velocidex / cloudvelo
  An experimental Velociraptor implementation using cloud infrastructure
  ☆26Updated 2 months ago
• jstrosch / subcrawl
  SubCrawl is a modular framework for discovering open directories, identifying unique content through signatures and organizing the data w…
  ☆55Updated last year
• rkovar / ransomwarelegality
  Can you pay the ransom in your country?
  ☆14Updated 2 years ago
• delivr-to / detections
  A home for detection content developed by the delivr.to team
  ☆73Updated 6 months ago
• curated-intel / attack-lookup
  A MITRE ATT&CK Lookup Tool
  ☆46Updated last year
• gmagklaras / POFR
  Penguin OS Forensic (or Flight) Recorder
  ☆40Updated last year
• 100DaysofYARA / 2023
  Rules Shared by the Community from 100 Days of YARA 2023
  ☆78Updated 2 years ago
• docker-forensics-toolkit / toolkit
  A toolkit for the post-mortem examination of Docker containers from forensic HDD copies
  ☆108Updated last year
• strozfriedberg / QELP
  Quick ESXi Log Parser
  ☆28Updated 3 months ago
• rapid7 / Rapid7-Labs
  Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence…
  ☆76Updated last month
• embee-research / Yara-detection-rules
  Yara Rules for Modern Malware
  ☆78Updated last year
• dwmetz / MalChela
  A YARA & Malware Analysis Toolkit written in Rust.
  ☆92Updated this week
• cmdaltr / elrond
  Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.
  ☆32Updated 2 months ago
• Ruler-Project / ruler-project
  Remote access and Antivirus Logging Database
  ☆45Updated last year
• alwashali / detection-validation
  Detection rule validation
  ☆40Updated 2 years ago
• NextronSystems / evtx-baseline
  A repository hosting example goodware evtx logs containing sample software installation and basic user interaction
  ☆86Updated last month
• OMENScan / AChoirX
  ReWrite of AChoir in Go for Cross Platform forensic artifact collection and processing
  ☆41Updated last week
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated 2 years ago
• 100DaysofYARA / 2025
  Rules shared by the community from 100 Days of YARA 2025
  ☆38Updated last month
• huntresslabs / threat-intel
  This repository contains supplemental items including IOCs, and signatures discussed in Huntress blogposts, and other media.
  ☆46Updated last month
• SigmaHQ / pySigma-backend-splunk
  pySigma Splunk backend
  ☆41Updated 2 months ago
• ThreatMon / ThreatMon-Reports-IOC
  ☆52Updated 5 months ago
• blackberry / threat-research-and-intelligence
  BlackBerry Threat Research & Intelligence
  ☆100Updated 2 years ago
• nasbench / Eventlog_Compendium
  The Eventlog Compendium is the go-to resource for understanding Windows Event Logs.
  ☆51Updated 9 months ago
• ANSSI-FR / orc2timeline
  orc2timeline extracts and analyzes artifacts contained in archives generated with DFIR-ORC.exe to create a timeline from them
  ☆34Updated 7 months ago
• stark4n6 / Arc2Lite
  A simple script to read the contents of a zip/tar/folder and extract metadata
  ☆21Updated 4 months ago
• openrelik / openrelik-deploy
  Tools and scripts to deploy and manage OpenRelik instances
  ☆16Updated 8 months ago
• center-for-threat-informed-defense / attack-powered-suit
  ATT&CK Powered Suit is a browser extension that puts the complete MITRE ATT&CK® knowledge base at your fingertips with text search, conte…
  ☆82Updated 8 months ago
• BinaryDefense / YaraMemoryScanner
  Simple PowerShell script to enable process scanning with Yara.
  ☆98Updated 3 years ago