Alternatives and similar repositories for Yara-Rules

Users that are interested in Yara-Rules are comparing it to the libraries listed below

• nettitude / PoshC2_IOCs
  A list of IOCs applicable to PoshC2
  ☆24Updated 4 years ago
• RomaissaAdjailia / Get-AppLockerEventlog
  This is a repo for fetching Applocker event log by parsing the win-event log
  ☆31Updated 2 years ago
• AhmedKamal1432 / Evilize
  Triaging Windows event logs based on SANS Poster
  ☆39Updated 2 years ago
• cedowens / Mod_Rewrite_Automation
  Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.
  ☆47Updated 4 years ago
• SadProcessor / WatchDog
  BloodHound Data Scanner
  ☆45Updated 4 years ago
• threatexpress / threat-mitigation
  Threat Mitigation Strategies
  ☆25Updated last year
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆37Updated 5 years ago
• Mr-B0b / BloodCheck
  BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset.
  ☆17Updated 4 years ago
• keydet89 / LNK
  Repository for LNK stuff
  ☆30Updated 2 years ago
• RiccardoAncarani / bloodhound-playbook
  Reproducible and extensible BloodHound playbooks
  ☆43Updated 5 years ago
• ReconInfoSec / adversary-emulation-map
  Creates an ATT&CK Navigator map of an Adversary Emulation Plan
  ☆17Updated 3 years ago
• georgi-i / winevt_logs_analysis
  Searching .evtx logs for remote connections
  ☆23Updated last year
• paragonsec / HiveNightmare-Checker
  A PowerShell script that checks for dangerous ACLs on system hives and shadows
  ☆28Updated 3 years ago
• MalwareTech / FollinaExtractor
  Extract payload URLs from Follina (CVE-2022-30190) docx and rtf files
  ☆31Updated 3 years ago
• AlrikRr / ActiveDirectory_Lab
  Active DIrectory Lab for Pentesting Practice
  ☆24Updated 2 years ago
• xenoscr / SessionHound
  A pair of scripts to import session and local group information that has been collected from alternate data sources into BloodHound's Neo…
  ☆19Updated 2 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated last year
• SevenStones / auditpolCIS
  CIS Benchmark testing of Windows SIEM configuration
  ☆44Updated 2 years ago
• blackarrowsec / Malleable-C2-Profiles
  Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable…
  ☆17Updated 4 years ago
• ricardojba / noPac
  CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter.
  ☆36Updated 3 years ago
• DissectMalware / OfficeForensicTools
  A set of tools for collecting forensic information
  ☆26Updated 5 years ago
• PwnDexter / FindFrontableDomains
  Forked and updated with some additional features over the original
  ☆17Updated 4 years ago
• slaughterjames / excelpeek
  ☆38Updated 3 years ago
• cnotin / m365_groups_enum
  Enumerate Microsoft 365 Groups in a tenant with their metadata
  ☆53Updated 4 years ago
• Retrospected / kerbmon
  Continuous kerberoast monitor
  ☆45Updated last year
• GhostManager / mythic_sync
  Automated activity logging utility for Mythic C2 v3.0+ with Ghostwriter v3.0+
  ☆18Updated 4 months ago
• joeminicucci / RedIra
  A cloud automation system for Red Teams based on Terraform and Ansible
  ☆23Updated 4 years ago
• egypt / fake-webdav
  ☆11Updated 4 years ago
• LaresLLC / AzureTokenExtractor
  Extracts Azure authentication tokens from PowerShell process minidumps.
  ☆23Updated 2 years ago
• EspressoCake / Cobalt_Strike_Ansible
  A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.
  ☆34Updated 3 years ago