Alternatives and similar repositories for yaralyzer

Users that are interested in yaralyzer are comparing it to the libraries listed below

• avast / yari

  View on GitHub
  YARI is an interactive debugger for YARA Language.
  ☆89Sep 10, 2025Updated 5 months ago
• BitsOfBinary / yarabuilder

  View on GitHub
  Python 3 library to build YARA rules.
  ☆13Oct 24, 2021Updated 4 years ago
• whichbuffer / Antidebug

  View on GitHub
  Defeating Anti-Debugging Techniques for Malware Analysis
  ☆12Oct 1, 2022Updated 3 years ago
• Neo23x0 / yaraQA

  View on GitHub
  YARA rule analyzer to improve rule quality and performance
  ☆111Jan 18, 2026Updated 3 weeks ago
• Rnalter / ThunderCloud

  View on GitHub
  Cloud Exploit Framework
  ☆112May 11, 2022Updated 3 years ago
• password123456 / CertVerify

  View on GitHub
  A scanner that files with compromised or untrusted code signing certificates written in python.
  ☆65Sep 6, 2023Updated 2 years ago
• NextronSystems / gimphash

  View on GitHub
  Imphash-like calculation on Golang binaries
  ☆49Jul 2, 2022Updated 3 years ago
• faiyazahmad07 / monitor_subdomains

  View on GitHub
  Monitor your target continuously for new subdomains!
  ☆25Mar 18, 2023Updated 2 years ago
• malienist / lupo

  View on GitHub
  Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
  ☆105May 11, 2022Updated 3 years ago
• c3rb3ru5d3d53c / karton-unpacker

  View on GitHub
  A modular Karton Framework service that unpacks common packers like UPX and others using the Qiling Framework.
  ☆58May 24, 2021Updated 4 years ago
• advanced-threat-research / NetLlix

  View on GitHub
  A project created with an aim to emulate and test exfiltration of data over different network protocols.
  ☆31Mar 21, 2023Updated 2 years ago
• dod-cyber-crime-center / DC3-MWCP

  View on GitHub
  DC3 Malware Configuration Parser (DC3-MWCP) is a framework for parsing configuration information from malware. The information extracted …
  ☆339Feb 7, 2025Updated last year
• daddycocoaman / azbelt

  View on GitHub
  AAD related enumeration in Nim
  ☆132Sep 7, 2023Updated 2 years ago
• CybercentreCanada / configextractor-py

  View on GitHub
  Python Library for ConfigExtractor
  ☆14Feb 4, 2026Updated last week
• CybercentreCanada / CCCS-Yara

  View on GitHub
  YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA
  ☆114Feb 8, 2026Updated last week
• Neo23x0 / YARA-Performance-Guidelines

  View on GitHub
  A guide on how to write fast and memory friendly YARA rules
  ☆164Feb 11, 2025Updated last year
• bartblaze / Yara-rules

  View on GitHub
  Collection of private Yara rules.
  ☆378Jan 28, 2026Updated 2 weeks ago
• SaadAhla / DocPlz

  View on GitHub
  Documents Exfiltration project for fun and educational purposes
  ☆145Oct 10, 2023Updated 2 years ago
• jstrosch / subparse

  View on GitHub
  Modular malware analysis artifact collection and correlation framework
  ☆54Apr 23, 2024Updated last year
• binref / refinery

  View on GitHub
  High Octane Triage Analysis
  ☆808Feb 8, 2026Updated last week
• CERT-Polska / mquery

  View on GitHub
  YARA malware query accelerator (web frontend)
  ☆437Feb 3, 2026Updated last week
• 3xp0rt / VX-API

  View on GitHub
  Collection of various WINAPI tricks / features used or abused by Malware
  ☆13Mar 28, 2022Updated 3 years ago
• wafinfo / autoDecoder

  View on GitHub
  Burp插件，转发处理
  ☆14Jan 17, 2023Updated 3 years ago
• claroty / arya

  View on GitHub
  Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA.
  ☆258Dec 27, 2022Updated 3 years ago
• HadessCS / Artemis

  View on GitHub
  APK Infrastructure Investigator
  ☆64Jun 20, 2023Updated 2 years ago
• ps1337 / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆26Jul 21, 2022Updated 3 years ago
• alt3kx / wafaray

  View on GitHub
  Enhance your malware detection with WAF + YARA (WAFARAY)
  ☆108Sep 29, 2022Updated 3 years ago
• t-tani / defender2yara

  View on GitHub
  Convert Microsoft Defender Antivirus Signatures (VDM) into YARA rules
  ☆142Updated this week
• sisoma2 / malware_analysis

  View on GitHub
  Scripts, Yara rules and other files developed during malware investigations
  ☆27Aug 19, 2022Updated 3 years ago
• Sh3llyR / statiStrings

  View on GitHub
  YARA Rule Strings Statistics Calculator and Malware Research Helper
  ☆14Jul 24, 2021Updated 4 years ago
• AGDCservices / Misc-Malware-Analysis-Tools

  View on GitHub
  This repo contains miscellaneous tools to aid in your malware analysis.
  ☆13Mar 2, 2021Updated 4 years ago
• shlyuz / implant_go

  View on GitHub
  Golang Shlyuz Implant Implementation
  ☆13May 23, 2025Updated 8 months ago
• Helixo32 / NimBlackout

  View on GitHub
  Kill AV/EDR leveraging BYOVD attack
  ☆390Jul 11, 2023Updated 2 years ago
• advanced-threat-research / Yara-Rules

  View on GitHub
  Repository of YARA rules made by Trellix ATR Team
  ☆623Mar 18, 2025Updated 10 months ago
• buzzer-re / Shinigami

  View on GitHub
  A dynamic unpacking tool
  ☆145Sep 17, 2023Updated 2 years ago
• InQuest / yara-rules

  View on GitHub
  A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
  ☆388May 11, 2022Updated 3 years ago
• korc / PR-DNSd

  View on GitHub
  Passive-Recursive DNS daemon
  ☆26Sep 20, 2024Updated last year
• nikhilh-20 / ELFEN

  View on GitHub
  ELFEN: Automated Linux Malware Analysis Sandbox
  ☆136Aug 20, 2025Updated 5 months ago
• InQuest / iocextract

  View on GitHub
  Defanged Indicator of Compromise (IOC) Extractor.
  ☆564Aug 28, 2024Updated last year