ditekshen / detection
Detection in the form of Yara, Snort and ClamAV signatures.
☆220Updated 4 months ago
Alternatives and similar repositories for detection:
Users that are interested in detection are comparing it to the libraries listed below
- Collection of rules created using YARA-Signator over Malpedia☆127Updated 4 months ago
- Collection of private Yara rules.☆344Updated 2 weeks ago
- Automated YARA Rule Standardization and Quality Assurance Tool☆200Updated this week
- Community modules for CAPE Sandbox☆92Updated last week
- ☆130Updated last year
- A guide on how to write fast and memory friendly YARA rules☆141Updated last month
- Sigma rules from Joe Security☆207Updated 4 months ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆101Updated 3 weeks ago
- Automatic YARA rule generation for Malpedia☆158Updated 2 years ago
- Curated Windows event log Sigma rules used in Hayabusa and Velociraptor.☆165Updated this week
- Signatures and IoCs from public Volexity blog posts.☆350Updated last month
- ☆67Updated last month
- ☆124Updated 3 weeks ago
- ☆200Updated last year
- Live forensic artifacts collector☆165Updated 8 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆372Updated 2 years ago
- YARA Rules I come across on the internet☆335Updated 11 months ago
- Repository of YARA rules made by Trellix ATR Team☆581Updated last week
- Anything Sysmon related from the MSTIC R&D team☆150Updated 9 months ago
- ☆125Updated last month
- File analysis and management framework.☆83Updated last year
- Welcome to the SEKOIA.IO Community repository!☆145Updated last week
- Elastic Security Labs releases☆59Updated 4 months ago
- Encyclopedia for Executables☆436Updated 3 years ago
- IOC from articles, tweets for archives☆313Updated last year
- MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR☆593Updated 2 weeks ago
- Standard collection of rules for capa: the tool for enumerating the capabilities of programs☆568Updated this week
- C# based evtx parser with lots of extras☆293Updated last week
- YARA rule analyzer to improve rule quality and performance☆97Updated 3 months ago
- A repo that contains recursive directory listings (using PowerShell) of a vanilla (clean) install of every Windows OS version to compare …☆154Updated 4 months ago