Alternatives and similar repositories for Yara-Rules

Users that are interested in Yara-Rules are comparing it to the libraries listed below

• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 5 years ago
• BinaryDefense / beacon-fronting
  A simple command line program to help defender test their detections for network beacon patterns and domain fronting
  ☆69Updated 3 years ago
• nasbench / C2-Matrix-Indicators
  This repository aims to collect and document indicators from the different C2's listed in the C2-Matrix
  ☆73Updated 3 years ago
• NVISOsecurity / nviso-cti
  ☆42Updated 3 weeks ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆39Updated 2 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 2 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆30Updated 2 years ago
• jipegit / IncidentsMindMaps
  Cybersecurity Incidents Mind Maps
  ☆33Updated 3 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Updated 3 years ago
• BushidoUK / Abused-Legitimate-Services
  Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups
  ☆60Updated 2 years ago
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆37Updated 5 years ago
• sourcefrenchy / goqrexfil
  A mini project to exfiltrate data via QR codes
  ☆19Updated 2 months ago
• freeload101 / Bloodhound-Portable
  Bloodhound Portable for Windows
  ☆53Updated 2 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated 2 years ago
• CD-R0M / YARA
  Hundred Days of Yara Challenge
  ☆12Updated 3 years ago
• threathunters-io / QLOG
  Windows Security Logging
  ☆43Updated 3 years ago
• cnotin / m365_groups_enum
  Enumerate Microsoft 365 Groups in a tenant with their metadata
  ☆53Updated 4 years ago
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆24Updated 2 years ago
• xenoscr / SessionHound
  A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…
  ☆20Updated 2 years ago
• Blumira / Kerberoast-Detection
  Kerberoast Detection Script
  ☆30Updated 9 months ago
• QueenSquishy / Zombie
  General Content
  ☆26Updated last year
• SentineLabs / log4j_response
  ☆15Updated 3 years ago
• cybergoatpsyops / detections
  Placeholder for my detection repo and misc detection engineering content
  ☆42Updated last year
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• outflanknl / RedFile
  Serving files with conditions, serverside keying and more.
  ☆18Updated 3 years ago
• WithSecureLabs / FLAIR
  F-Secure Lightweight Acqusition for Incident Response (FLAIR)
  ☆16Updated 4 years ago
• LuemmelSec / SAML2Spray
  Python Script for SAML2 Authentication Passwordspray
  ☆40Updated 2 years ago
• kyle-phillips / adversarial-tools
  A collection of tools adversaries commonly use in an attack.
  ☆14Updated 8 months ago
• DODC / turncoat
  ☆42Updated 3 months ago
• jacopodl / Pulsar
  Data exfiltration and covert communication tool
  ☆39Updated 2 years ago