Best yara_rules Alternatives & Competitors in 2026

PhishingKit-Yara-Rules

A StalkPhish Project YARA repository for Phishing Kits zip files.

Sigma Query

Searchable repository of Sigma detection rules for threat hunting and SIEM

OCyara

OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.

Yara Pattern Scanner

A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.

Factual Rules Generator

An open source tool that generates YARA rules from installed software on running operating systems for efficient software identification in digital forensic investigations.

Yara-Repo

Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

Yara Rules Project

A repository of Yara signatures under the GNU-GPLv2 license for the cybersecurity community.

Yara-Rules Repository

Repository of YARA rules for Trellix ATR blogposts and investigations

Private Yara Rules Repository

A repository of freely usable Yara rules for detection systems, with automated error detection workflows.

FireEye Mandiant SunBurst Countermeasures

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

im0rtp3's Yara rule repository

A collection of Yara rules licensed under the DRL 1.1 License.

Google Security Operations

Cloud-native SIEM, SOAR, and threat intel platform for SecOps teams

Defender Lens

Turn Any Threat into a Detection Rule

aDolus FACT - Malware Detection

FACT detects malware & ransomware in packages using AV scans & YARA rules.

Cythereal MAGIC™

Malware hunting platform that auto-generates YARA rules from shared code analysis.

Cythereal MAGIC EWS

Analyzes stopped attacks to auto-generate YARA rules and IoCs against APTs.

Sublime Security Sublime Rules

Open-source detection rules for email attacks like BEC, phishing, and malware

THOR Lite

A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.

Yara Manager

A program to manage yara ruleset in a database with support for different databases and configuration options.

Yabin

Yabin creates Yara signatures from malware to find similar samples.

yextend

yextend extends Yara's functionality by automatically handling archived and compressed content inflation, enabling pattern matching on files buried within multiple layers of archives.

YaraParser

Python 3 tool for parsing Yara rules with ongoing development.

Mquery

Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.

Yara Validator

A tool for validating and repairing Yara rules

CrowdFMS

CrowdFMS is a CrowdStrike framework that automates malware sample collection from VirusTotal using YARA rule-based notifications and the Private API system.

CDI_yara

A collection of YARA rules for public use, built from intelligence profiles and file work.

Canadian Centre for Cyber Security CCCS YARA Specification

Define and validate YARA rule metadata with CCCS YARA Specification.

Yara4Pentesters

A collection of YARA rules designed to identify files containing sensitive information such as usernames, passwords, and credit card numbers for penetration testing and forensic analysis.

base64_substring

A tool that generates YARA rules to search for specific terms within base64-encoded malware samples by enumerating all possible encoding variations.

YaraDbg

A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.

YAYA - Yet Another Yara Automaton

Automatically curate open-source Yara rules and run scans with YAYA.

lw-yara

A Yara ruleset designed to detect PHP shells and other webserver malware for malware analysis and threat detection.

yara-rust

Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.

ThreatKB

Knowledge base workflow management dashboard for YARA rules and C2 artifacts.

InQuest YARA Rules

A collection of YARA rules for research and hunting purposes.

KLara

KLara is a distributed system written in Python that helps Threat Intelligence researchers hunt for new malware using Yara.

Yara Rules by Malgamy

Collection of Yara rules for file identification and classification

Androguard module for Yara

Integrates static APK analysis with Yara and requires re-compilation of Yara with the androguard module.

Fnord

Fnord is a pattern extraction tool that analyzes obfuscated code using sliding window techniques to identify frequent byte sequences and generate experimental YARA rules for malware analysis.

LOKI

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.

Auditd Configuration Best Practices

A comprehensive auditd configuration for Linux systems following best practices.

Signature-Base

YARA signature and IOC database for LOKI and THOR Lite scanners with high quality rules and IOCs.

yarAnalyzer

yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.

yarGen

A generator for YARA rules that creates rules from strings found in malware files while removing strings from goodware files.

AutoYara

AutoYara is a Java tool that automatically generates YARA rules from malware samples using biclustering algorithms to help analysts create detection rules for malware families.

yara-parser

A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.

Yara Station

Management portal for LoKi scanner with centralized database for scanning activities.