100 Days of YARA to be updated with rules & ideas as the year progresses
☆60Jan 18, 2023Updated 3 years ago
Alternatives and similar repositories for 100DaysofYARA
Users that are interested in 100DaysofYARA are comparing it to the libraries listed below
Sorting:
- Generates YARA rules to detect malware using API hashing☆17Mar 16, 2021Updated 4 years ago
- Conceptual Methods for Finding Commonalities in Macho Files☆12Mar 21, 2024Updated last year
- An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.☆21Nov 13, 2022Updated 3 years ago
- This is a little plugin to copy disassembly in a way that is usable in YARA rules!☆48Apr 14, 2025Updated 10 months ago
- Repository of tools, YARA rules, and code-snippets from Stairwell's research team.☆23Jan 31, 2024Updated 2 years ago
- USB HID driver emulation with PID/VID (0x3bca/0x27bb) of Plenom A/S Busylight Alpha, that is supported by Mimikatz. When mimikatz is exec…☆21Sep 6, 2022Updated 3 years ago
- Yara rules☆22Mar 27, 2023Updated 2 years ago
- Scripts, Yara rules and other files developed during malware investigations☆27Aug 19, 2022Updated 3 years ago
- JPCERT/CC public YARA rules repository☆109Nov 14, 2025Updated 3 months ago
- ☆27Mar 2, 2022Updated 3 years ago
- A YARA rules repository continuously updated for monitoring the old and new threats from articles, incidents responses ...☆141Nov 19, 2023Updated 2 years ago
- ☆138Apr 20, 2023Updated 2 years ago
- Repository for different Windows DFIR related CMDs, PowerShell CMDlets, etc, plus workshops that I did for different conferences or event…☆77Jul 13, 2021Updated 4 years ago
- Automatically spider the result set of a Censys/Shodan search and download all files where the file name or folder path matches a regex.☆28Apr 22, 2023Updated 2 years ago
- A collection of threat intelligence data such as IOC, Yara and Snort/Suricata Rules etc.☆10Sep 17, 2019Updated 6 years ago
- Scripts and lists to help generate YARA friendly string mutations☆22Apr 9, 2023Updated 2 years ago
- ☆76Feb 7, 2026Updated 3 weeks ago
- Converts Sigma detection rules to a Splunk alert configuration.☆12Jul 1, 2021Updated 4 years ago
- Plugins for the Viper Framework☆14Sep 21, 2019Updated 6 years ago
- Steezy - Ghetto Yara Generation☆15Mar 27, 2023Updated 2 years ago
- A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework.☆97May 28, 2023Updated 2 years ago
- My malware analysis code snippets☆28Jul 15, 2023Updated 2 years ago
- THOR Thunderstorm Collectors☆25Updated this week
- Yara Rules for Modern Malware☆78Mar 3, 2024Updated last year
- MDE relies on some of the Audit settings to be enabled☆100Jul 15, 2022Updated 3 years ago
- ☆23Mar 17, 2024Updated last year
- Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.☆208Jul 21, 2022Updated 3 years ago
- The FLARE team's open-source library to disassemble Common Intermediate Language (CIL) instructions.☆171Updated this week
- YARI is an interactive debugger for YARA Language.☆90Sep 10, 2025Updated 5 months ago
- ☆66Jan 27, 2023Updated 3 years ago
- A repository of output using KAPE (!EZParser Module) for various publicly available forensic images!☆17Aug 31, 2024Updated last year
- A project that aims to automate Volatility3 at scale with the use of cloud strength and the power of KQL inside ADX.☆16Aug 19, 2025Updated 6 months ago
- ☆42Sep 16, 2022Updated 3 years ago
- This guide describes a process for developing Cyber Threat Intelligence Priority Intelligence Requirements☆127Dec 5, 2023Updated 2 years ago
- Malware analyses and helpful scripts☆29May 26, 2022Updated 3 years ago
- enpoint detection / live analysis & sandbox host / signatures quality test☆44Apr 22, 2021Updated 4 years ago
- Alternative YARA scanning engine☆73Aug 23, 2022Updated 3 years ago
- FileInsight-plugins: decoding toolbox of McAfee FileInsight hex editor for malware analysis☆163Dec 15, 2024Updated last year
- pocket guide for core detection engineering concepts☆31May 8, 2023Updated 2 years ago