yara
Rustinel is an open-source endpoint detection project for Windows and Linux.
It collects native host telemetry using ETW on Windows and eBPF on Linux, normalizes events into a shared model, evaluates Sigma, YARA, and IOC detections, and writes alerts as ECS NDJSON.
Rustinel is designed for blue teams, detection engineers, researchers, and anyone who wants a transparent endpoint detection engine they can inspect, run, test, and extend.
Repository of Yara rules dedicated to Phishing Kits Zip files.
This repository of YARA rules for phishing kit zip files is based on raw zip-format analysis to find directory and file names, so you don't need yara-extend there.
Extract and aggregate threat intelligence. An extendable tool to extract and aggregate IOCs from threat feeds.
ThreatIngestor can be configured to watch Twitter, RSS feeds, or other sources, extract meaningful information such as malicious IPs/domains and YARA signatures, and send that information to another system for analysis.
The pattern matching Swiss Army knife for malware researchers.
YARA is a tool aimed at (but not limited to) helping malware researchers identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever else you want to describe) based on textual or binary patterns. Each description, a.k.a. a rule, consists of a set of strings and a boolean expression that determines its logic.
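As an added example (not code from the phishing-kit rules repository above, nor from the YARA project), here is a rule in exactly the shape just described, a set of strings plus a boolean condition, that applies the raw zip-format approach the phishing-kit repository relies on: instead of extracting the archive, it looks for entry names where a zip local file header stores them. The entry names are assumed indicators chosen for illustration, not taken from the repository.

```yara
// Added example, not from the phishing-kit rules repository or the YARA project.
// The entry names below are assumed indicators chosen for illustration.
rule PhishingKit_Zip_RawHeaderNames
{
    meta:
        description = "Phishing kit archive: suspicious entry names read from zip local file headers"
        reference   = "example only"

    strings:
        // Entry names as stored inside each zip local file header (assumed indicators)
        $n1 = "login.php"
        $n2 = "blocker.php"
        $n3 = "antibots/"

    condition:
        // A zip archive starts with a local file header signature "PK\x03\x04" (little-endian 0x04034b50)
        uint32(0) == 0x04034b50 and
        2 of ($n*) and
        // The entry name begins 30 bytes after the signature of its local file header
        // (4 sig + 2 ver + 2 flags + 2 method + 2 time + 2 date + 4 crc + 4 csize + 4 usize + 2 namelen + 2 extralen),
        // so require at least one name whose first occurrence sits exactly there, not somewhere in compressed data.
        for any of ($n*) : ( uint32(@ - 30) == 0x04034b50 )
}
```

Run it over a directory of samples with `yara -r rule.yar samples/`. Entry names live in the local file headers and the central directory in clear text even when the archive is password-protected, which is why scanning the raw container works without extraction; the trade-off is that the names are matched case-sensitively and exactly as the kit author spelled them, so a rule like this is an aid to triage rather than proof on its own.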
Fast file upload security for Node.js
🔒 Malware scanning • YARA integration • ZIP bomb protection • Express/Koa/Next.js adapters • Private by design.
LLM Agent Skill for YARA rule authoring and review.
An LLM Agent Skill for expert YARA rule authoring, review, and optimization. Embeds industry best practices from the creator of YARA-Forge and yaraQA into your AI assistant's context.
Threat-hunting tool for Linux. Bring your Linux threat-hunting capabilities to the next level.
Kunai is a powerful tool designed to bring actionable insights for tasks such as security monitoring and threat hunting on Linux systems. Think of it as the Linux counterpart to Sysmon on Windows, tailored for comprehensive and precise event monitoring.