spyre-project / spyre
simple YARA-based IOC scanner
☆169Updated 2 months ago
Alternatives and similar repositories for spyre:
Users that are interested in spyre are comparing it to the libraries listed below
- Import specific data sources into the Sigma generic and open signature format.☆78Updated 3 years ago
- Signature engine for all your logs☆168Updated last year
- Automatically create YARA rules from malicious documents.☆211Updated 2 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- IOC from articles, tweets for archives☆313Updated last year
- Collecting & Hunting for IOCs with gusto and style☆238Updated 3 years ago
- ☆173Updated 10 months ago
- Cross-platform Yara scanner written in Go☆329Updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆104Updated last month
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆153Updated last month
- Set of Yara rules for finding files using magics headers☆137Updated 4 years ago
- Cuckoo running in a nested hypervisor☆128Updated 4 years ago
- ☆164Updated 4 years ago
- A VBA parser and emulation engine to analyze malicious macros.☆96Updated 2 weeks ago
- Sigma rules from Joe Security☆209Updated 6 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Live forensic artifacts collector☆166Updated 10 months ago
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆375Updated 2 years ago
- ☆125Updated 3 months ago
- Linux Incident Response☆90Updated 5 years ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆109Updated 7 years ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆187Updated 4 years ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆261Updated 6 years ago
- How to Zeek Sysmon Logs!☆101Updated 3 years ago
- Golang Parser for Microsoft Event Logs☆102Updated 3 months ago
- ☆53Updated 6 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆70Updated 3 weeks ago
- 🚌 Threat Bus – A threat intelligence dissemination layer for open-source security tools.☆261Updated 2 years ago
- c2 traffic☆188Updated 2 years ago
- Threat Hunting tool about Sysmon and graphs☆332Updated last year