sophos / yaraml_rules
Security ML models encoded as Yara rules
☆211Updated last year
Related projects ⓘ
Alternatives and complementary repositories for yaraml_rules
- ☆143Updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆98Updated 2 months ago
- Parse YARA rules and operate over them more easily.☆173Updated 4 months ago
- c2 traffic☆188Updated last year
- IOC from articles, tweets for archives☆310Updated 10 months ago
- Automatic YARA rule generation for Malpedia☆154Updated 2 years ago
- Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets☆132Updated 4 years ago
- A guide on how to write fast and memory friendly YARA rules☆124Updated last year
- Community modules for CAPE Sandbox☆85Updated this week
- Sigma rules from Joe Security☆203Updated this week
- Malware repository component for samples & static configuration with REST API interface.☆328Updated 2 weeks ago
- Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security relate…☆158Updated 11 months ago
- ☆158Updated 3 years ago
- YARA rule analyzer to improve rule quality and performance☆93Updated 11 months ago
- YARA Rules I come across on the internet☆333Updated 6 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆60Updated 10 months ago
- Signature engine for all your logs☆160Updated 11 months ago
- Research indicators and detection rules☆66Updated last year
- YARA malware query accelerator (web frontend)☆413Updated this week
- Various capabilities for static malware analysis.☆75Updated 2 months ago
- Automated Yara Rule generation using Biclustering☆59Updated 3 years ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆363Updated 2 years ago
- Python scripts for Malware Bazaar☆146Updated 5 months ago
- Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.☆346Updated 3 years ago
- PCAP Samples for Different Post Exploitation Techniques☆344Updated 3 years ago
- MBC content in markdown☆371Updated 2 weeks ago
- Automatically create YARA rules from malicious documents.☆208Updated 2 years ago
- Collection of rules created using YARA-Signator over Malpedia☆112Updated 11 months ago
- Repository containing IOCs, CSV and MISP JSON from our blogs☆79Updated 3 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆91Updated this week