30 open-source projects similar to airbnb/binaryalert, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Binaryalert alternative.
capa is a static analysis tool that scans executable files to identify what a program can do, detecting capabilities such as API calls, byte sequences, and structural patterns without executing the code. It supports multiple file formats including PE, ELF, .NET, and shellcode, and can also process runtime behavior traces from sandbox reports generated by CAPE, DRAKVUF, or VMRay. The tool integrates directly with reverse engineering environments through plugins for IDA Pro and Ghidra, allowing analysts to view capability matches and author detection rules within their disassembler of choice.
A Yara rule generator for finding related samples and hunting
Alienvault Labs Projects Random Stuff
Repository containing IOCs, CSV and MISP JSON from our blogs
Yara rule generator using VirusTotal code similarity feature code-similar-to:
Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malicious artifacts.
A multi-platform .NET wrapper library for the native Yara library.
Repository that contains a set of purposefully erroneous Yara rules.
Yara integrated software to handle archive file data.
Python 3 tool to parse Yara rules (extension of yarabuilder)
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Validates yara rules and tries to repair the broken ones.
Yara rules for malware families seen as part of targeted threats project
Performs OCR on image files and scans them for matches to YARA rules