111 repository-uri
Utilities for generating, managing, and integrating YARA rules into security workflows.
Explore 111 awesome GitHub repositories matching part of an awesome list · Development And Analysis Tools. Refine with filters or upvote what's useful.
MISP is an open-source threat intelligence sharing platform designed for collecting, storing, and distributing structured threat indicators and intelligence. At its core, it provides a distributed synchronization protocol for transferring events between instances, an attribute-based correlation engine that links matching indicators across events, and a REST API with an OpenAPI specification for programmatic access to threat data. The platform uses formal data formats for JSON, taxonomy, galaxy, and object templates to enable compatibility across tools and communities. The platform distinguish
Threat intelligence platform with YARA support.
Loki is an endpoint detection tool, forensic artifact analyzer, and threat intelligence scanner. It functions as a YARA-based indicator of compromise scanner designed to identify malicious persistence mechanisms, web shells, and unauthorized administration tools across local and remote systems. The project distinguishes itself by integrating multi-source threat intelligence, allowing for the loading of custom signature sets and encrypted indicators. It combines hash-based artifact detection with YARA rule execution to scan files, process memory, and registry hives for known malicious byte seq
Python-based IOC and YARA scanner.
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
Android application identifier for packers and obfuscators.
Your Everyday Threat Intelligence
Platform for organizing threat intelligence.
yarGen is a generator for YARA rules
Rule generator for finding related samples.
IDA pro plugin to find crypto constants (and more)
IDA Pro plugin for finding crypto constants.
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Serverless pipeline for automated file scanning.
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
Cloud-native malware scanner for CI/CD.
Scanning pastebin with yara rules
Scanner for Pastebin using YARA rules.
Real-time, container-based file scanning at enterprise scale
Detection-oriented file analysis system.
Extract and aggregate threat intelligence.
Automated IOC and rule extraction tool.
Laika BOSS: Object Scanning System
Scalable object scanner and intrusion detection system.
Kaspersky's GReAT KLara
Distributed system for scanning samples with rules.
#supply #chain #attack #detection
Tool for enumerating program capabilities via fragment analysis.
Modular file scanning/analysis framework
Framework for aggregating file analysis results.
Defanged Indicator of Compromise (IOC) Extractor.
Extractor for IOCs and YARA rules.
Volatility plugin for extracts configuration data of known malware
Volatility plugin for extracting malware configuration.
YARA malware query accelerator (web frontend)
Web frontend for fast YARA queries on datasets.
Incident Response & Digital Forensics Debugging Extension
WinDbg extension for hunting processes in memory.
A YARA-integrated process denial framework for Windows
Process filtering system with YARA integration.