#Yara
Showing 60 of 60 repositories tagged #yara, ranked by stars
A curated list of awesome YARA rules, tools, and people.
Loki - Simple IOC and YARA Scanner
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
yarGen is a generator for YARA rules
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Real-time, container-based file scanning at enterprise scale
Hex patterns, include patterns and magic files for the use with the ImHex Hex Editor
Extract and aggregate threat intelligence.
Modular file scanning/analysis framework
A Binary Genetic Traits Lexer Framework
Extracted Yara rules from Windows Defender mpavbase and mpasbase
This project is a SIEM with SIRP and Threat Intel, all in one.
Threat Intel IoCs + bits and pieces of dark matter. Published by Gen Threat Labs.
:wolf: Malware analysis platform
Antivirus software written in Python and C++ that blocks threats through Machine Learning and behavioral monitoring!
Evasion by machine code de-optimization.
An open source framework for enterprise level automated analysis.
16,432 Free Yara rules created by
Analyze PDFs with colors (and YARA)
15-stage Windows malware development & analysis course in Rust. Red team builds it, blue team detects it. All 15 binaries achieved 0/76 on VirusTotal.
Local safety layer for AI agents that use the terminal. Screens risky commands and MCP/tool calls, watches Linux activity with eBPF, blocks dangerous behavior, and keeps audit trails local. Open source, self-hosted, dry-run by default.
Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.
A blazingly fast, multi-threaded TUI malware analysis tool built in Rust. Features deep PE parsing, YARA scanning, and heuristic risk scoring.
YARI is an interactive debugger for YARA Language.
Tools for parsing rulesets using the exact grammar as YARA. Written in Go.
Yet Another Memory Analyzer for malware detection and Guarding Operations with YARA and SIGMA
A file system forensics analysis scanner and threat hunting tool. Scans file systems at the MFT and OS level and stores data in SQL, SQLite or CSV. Threats and data can be probed harnessing the power and syntax of SQL.
Rust bindings for VirusTotal/Yara
A Deep Learning framework that analyses Windows PE files to detect malicious Softwares.
YARA Language Server
stoQ Public Plugins
Simple yara rule manager
Virus cleaning station/gateway
Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
VSCode extension for the YARA pattern matching language
An ICAP Server with yara scanner for URL and content.
Enter Morpheus, your advanced IOC detection tool. Powered by expert YARA rules and integrated with VirusTotal, it scans and identifies Indicators of Compromise with unmatched precision across diverse formats, redefining cybersecurity defense.
Analysis of file (doc, pdf, exe, ...) in deep (emmbedded file(s)) with clamscan and yara rules
Open-source security platform for AI agents -- audits skills before install, monitors 24/7, shares threat intelligence across all users. | AI Agent 開源安全平台 -- 安裝前審計 skill、24/7 即時監控、社群共享威脅情報。
Yara Dockerfile
This is a little plugin to copy disassembly in a way that is usable in YARA rules!
Static and dynamic analysis tool for detecting malicious code, suspicious binaries, and privacy violations
Collection of YARA signatures from individual research
Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
Maintained by the ANY.RUN team, this repository provides YARA rules to help detect and classify various malware families and other malicious artifacts.
Full static analysis of HyperHives macOS Rust infostealer — 571 decrypted config values, C2 infrastructure, DPRK/Contagious Interview attribution, YARA/Sigma rules, STIX 2.1 bundle, ATT&CK Navigator layer
PackGenome: Automatically Generating Robust YARA Rules for Accurate Malware Packer Detection
Malice Yara Plugin
Commandline utility to interact with the Malpedia service
An experimental script to perform bulk parsing of arbitrary file features with YARA and console logging.
Yara rules written by me, for free use.
Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.
A curated collection of YARA rules and structured JSON reports designed to identify and analyze various malware builder variants, for educational and research purposes only.
DFIR Presentations
Static file analysis for PE files
Nuitka Assembly analyzer (as well as PyInstaller and other packagers) and native exe-files for extracting metadata, strings, modules, and structures from compiled ones.exe files. It is not a decompiler - it does not restore the source code.
🦅 ZeroScout: The Autonomous Local & Cloud Threat Hunter. Visualize attacks in a live War Room, identify APT groups via Genetic Analysis, and auto-generate defense rules (YARA/SIGMA). DFIR & Malware Analysis Framework.
YARA rules for malware detection
Formation complète au Reverse Engineering de binaires ELF (GCC/G++) : 36 chapitres, de l'assembleur x86-64 à l'analyse de malware. Bonus .NET, Rust, Go. Cours de Reverse Engineering : binaires ELF, GCC, Ghidra, GDB, Frida, angr, YARA, ImHex. 36 chapitres + exercices corrigés. FR
Hands-on projects for beginners to learn and practice using Yara for malware detection and security monitoring