spyre-project / spyre
simple YARA-based IOC scanner
☆168Updated last month
Alternatives and similar repositories for spyre:
Users that are interested in spyre are comparing it to the libraries listed below
- Signature engine for all your logs☆167Updated last year
- Automatically create YARA rules from malicious documents.☆210Updated 2 years ago
- Collecting & Hunting for IOCs with gusto and style☆237Updated 3 years ago
- S2AN - Mapper of Sigma/Suricata Rules/Signatures ➡️ MITRE ATT&CK Navigator☆85Updated 2 years ago
- YARA rule metadata specification and validation utility / Spécification et validation pour les règles YARA☆100Updated 2 weeks ago
- IOC from articles, tweets for archives☆313Updated last year
- Cross-platform Yara scanner written in Go☆329Updated 2 years ago
- PcapMonkey will provide an easy way to analyze pcap using the latest version of Suricata and Zeek.☆151Updated last year
- A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.☆372Updated 2 years ago
- Import specific data sources into the Sigma generic and open signature format.☆77Updated 2 years ago
- Set of Yara rules for finding files using magics headers☆136Updated 4 years ago
- A Go implementation of JARM☆119Updated 2 years ago
- ☆160Updated 4 years ago
- Anything Sysmon related from the MSTIC R&D team☆150Updated 9 months ago
- Yara-Endpoint is a tool useful for incident response as well as anti-malware enpoint base on Yara signatures.☆106Updated 7 years ago
- ☆170Updated 8 months ago
- Blueteam operational triage registry hunting/forensic tool.☆145Updated last year
- Sigma Detection Rule Repository☆87Updated 4 years ago
- Suricata Language Server is an implementation of the Language Server Protocol for Suricata signatures. It adds syntax check, hints and au…☆68Updated last month
- Suricata rules for network anomaly detection☆156Updated 3 weeks ago
- SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)☆185Updated 3 years ago
- This repository will hold PCAP IOC data related with known malware samples (owner: Bryant Smith)☆100Updated 3 years ago
- ☆130Updated last year
- Sigma rules from Joe Security☆207Updated 4 months ago
- This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a mat…☆61Updated last year
- Live forensic artifacts collector☆165Updated 8 months ago
- Personal compilation of APT malware from whitepaper releases, documents and own research☆259Updated 6 years ago
- Golang Parser for Microsoft Event Logs☆101Updated last month
- c2 traffic☆189Updated 2 years ago
- Cisco Orbital - Osquery queries by Talos☆130Updated 6 months ago