mthcht/ThreatHunting-Keywords-yara-rules external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

mthcht/ThreatHunting-Keywords-yara-rules

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/mthcht/ThreatHunting-Keywords-yara-rules)

Close

mthcht / ThreatHunting-Keywords-yara-rulesView on GitHubMore

• External links
• Readme badge

yara detection rules for hunting with the threathunting-keywords project

☆164May 11, 2025Updated last year

Alternatives and similar repositories for ThreatHunting-Keywords-yara-rules

Users that are interested in ThreatHunting-Keywords-yara-rules are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• mthcht / ThreatHunting-Keywords-sigma-rules

  View on GitHub
  Sigma detection rules for hunting with the threathunting-keywords project
  ☆60Mar 2, 2025Updated last year
• mthcht / ThreatHunting-Keywords

  View on GitHub
  Awesome list of keywords and artifacts for Threat Hunting sessions
  ☆659Aug 4, 2025Updated 10 months ago
• mthcht / Purpleteam

  View on GitHub
  Purpleteam scripts simulation & Detection - trigger events for SOC detections
  ☆203Dec 20, 2024Updated last year
• dfirvault / Thor-scanner-menu

  View on GitHub
  Menu for Thor scanner lite
  ☆20Oct 24, 2025Updated 7 months ago
• mthcht / awesome-lists

  View on GitHub
  Awesome Security lists for SOC/CERT/CTI
  ☆1,630Updated this week
• Serverless GPU API endpoints on Runpod - Get Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• malpedia / signator-rules

  View on GitHub
  Collection of rules created using YARA-Signator over Malpedia
  ☆145May 18, 2026Updated last month
• dfir-ronin / APT-OpenIOC-Detection-Rules

  View on GitHub
  This repository contains OpenIOC rules to aid in hunting for indicators of compromise and TTPs focused on Advanced Persistent Threat grou…
  ☆26Oct 3, 2023Updated 2 years ago
• mthcht / ThreatIntel-Reports

  View on GitHub
  Raw data from Threat Intelligence Reports with automatic reports collection and keyword search across thousands of reports
  ☆164Updated this week
• deadbits / yara-rules

  View on GitHub
  Collection of YARA signatures from individual research
  ☆44Nov 20, 2023Updated 2 years ago
• karmine05 / DEF3ND

  View on GitHub
  🛡️ SIGMA Detection Engineering Platform A comprehensive AI-powered detection engineering platform for security teams to explore MITRE AT…
  ☆45Jun 28, 2025Updated 11 months ago
• MHaggis / PowerShell-Hunter

  View on GitHub
  PowerShell tools to help defenders hunt smarter, hunt harder.
  ☆484Oct 29, 2025Updated 7 months ago
• mdecrevoisier / SIGMA-detection-rules

  View on GitHub
  Set of SIGMA rules (>350) mapped to MITRE ATT&CK tactic and techniques
  ☆435May 21, 2026Updated 3 weeks ago
• ditekshen / detection

  View on GitHub
  Detection in the form of Yara, Snort and ClamAV signatures.
  ☆254Nov 1, 2024Updated last year
• HarfangLab / iocs

  View on GitHub
  Indicators of compromise
  ☆19May 18, 2026Updated last month
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• CD-R0M / YARA

  View on GitHub
  Hundred Days of Yara Challenge
  ☆12Jun 21, 2022Updated 3 years ago
• splunk / ShellSweep

  View on GitHub
  ShellSweeping the evil.
  ☆183Nov 25, 2024Updated last year
• mbabinski / Sigma-Rules

  View on GitHub
  A repository of my own Sigma detection rules.
  ☆165Nov 25, 2025Updated 6 months ago
• 100DaysofYARA / 2024

  View on GitHub
  Rules shared by the community from 100 Days of YARA 2024
  ☆90Jan 1, 2025Updated last year
• Digital-Defense-Institute / triage.zip

  View on GitHub
  A preconfigured Velociraptor triage collector
  ☆77Jun 4, 2026Updated 2 weeks ago
• CTI-Driven / LOLBins

  View on GitHub
  The LOLBins CTI-Driven (Living-Off-the-Land Binaries Cyber Threat Intelligence Driven) is a project that aims to help cyber defenders und…
  ☆131Apr 6, 2024Updated 2 years ago
• SEKOIA-IO / Community

  View on GitHub
  Welcome to the SEKOIA.IO Community repository!
  ☆188May 7, 2026Updated last month
• The-DFIR-Report / Yara-Rules

  View on GitHub
  ☆83Sep 29, 2025Updated 8 months ago
• Yamato-Security / sigma-to-hayabusa-converter

  View on GitHub
  Documentation and tools to curate Sigma rules for Windows event logs into easier to parse rules.
  ☆16Oct 22, 2025Updated 7 months ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• CyberRa1 / APT-Hub

  View on GitHub
  APT hub, It help's research to collect information and data on the latest APT activities. It collects data on APT profiles, IOCs(1 yr), a…
  ☆55Mar 11, 2025Updated last year
• Neo23x0 / YARA-Style-Guide

  View on GitHub
  A specification and style guide for YARA rules
  ☆74Feb 17, 2024Updated 2 years ago
• Geekmaster-General / IOCs

  View on GitHub
  Storage for the IOCs I collect
  ☆11Apr 3, 2026Updated 2 months ago
• wagga40 / Zircolite

  View on GitHub
  A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
  ☆823May 30, 2026Updated 2 weeks ago
• Sam0x90 / CB-Threat-Hunting

  View on GitHub
  CarbonBlack EDR detection rules and response actions
  ☆73Sep 10, 2024Updated last year
• BlackPerl-DFIR / IR-Cheatsheets

  View on GitHub
  This Repository consists all Public Cheatsheets created by BlackPerl DFIR Content Team
  ☆20Oct 9, 2024Updated last year
• Yamato-Security / EnableWindowsLogSettings

  View on GitHub
  Documentation and scripts to properly enable Windows event logs.
  ☆706Oct 3, 2025Updated 8 months ago
• Neo23x0 / god-mode-rules

  View on GitHub
  God Mode Detection Rules
  ☆134Aug 8, 2024Updated last year
• NextronSystems / velociraptor-artifacts-thor

  View on GitHub
  Thor Artifacts for Velociraptor
  ☆19Dec 2, 2025Updated 6 months ago
• AI Agents on DigitalOcean Gradient AI Platform • Ad
  Build production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
• AttackIQ / DetectIQ

  View on GitHub
  ☆121May 26, 2025Updated last year
• magicsword-io / sigconverter.io

  View on GitHub
  An opensource sigma conversion tool built using pysigma
  ☆170Updated this week
• kev365 / OSDFIR-Lab

  View on GitHub
  ☆24Updated this week
• BenjiTrapp / aws-threat-hunting

  View on GitHub
  Short deep dive into Threat Hunting on AWS
  ☆19Oct 15, 2023Updated 2 years ago
• reversinglabs / reversinglabs-yara-rules

  View on GitHub
  ReversingLabs YARA Rules
  ☆922Nov 3, 2025Updated 7 months ago
• jalacloud / mcp-cti

  View on GitHub
  Repo for experimenting and testing MCP server builds for CTI-related research.
  ☆27May 13, 2025Updated last year
• Cyb3r-Monk / Threat-Hunting-and-Detection

  View on GitHub
  Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
  ☆813Jan 14, 2026Updated 5 months ago