Rule Engine

A cloud-based web application firewall that protects applications from various cyber threats through rule-based filtering, machine learning detection, and integrated security features.

Embeddable Yara library for Java with support for loading rules and scanning data.

A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.

A tool for creating custom detection rules from YAML input

Repository for detection content with various types of rules and payloads.

A set of interrelated detection rules for improving detection and hunting visibility and context

YARA rules for ProcFilter to detect malware and threats

Tool for visualizing correspondences between YARA ruleset and samples

Parse YARA rules into a dictionary representation.

A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.

Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.

Yara module for Node.js

Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.

Open-source rules for detecting and preventing email attacks like BEC, malware, and credential phishing.

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

Official repository of YARA rules for threat detection and hunting

A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.

Repository of Yara Rules created by TjNel.

Serverless, real-time data analysis framework for incident detection and response.

A testing tool that generates suspect actions to validate and test Falco runtime security monitoring rulesets.