Rule Engine

Detect-Phish

Reported Email Analysis & Response

yara_repo

Repository of Yara Rules created by TjNel.

ReversingLabs YARA Rules

Official repository of YARA rules for threat detection and hunting

Yara-Java

Embeddable Yara library for Java with support for loading rules and scanning data.

yaml2yara

A tool for creating custom detection rules from YAML input

YARA Matches Correspondance Array (YMCA)

Tool for visualizing correspondences between YARA ruleset and samples

YARA Rules for ProcFilter

YARA rules for ProcFilter to detect malware and threats

FireEye Red Team Tool Countermeasures

A set of rules for detecting threats in various formats, including Snort, Yara, ClamAV, and HXIOC.

Detection and Hunting Signatures

A set of interrelated detection rules for improving detection and hunting visibility and context

Detection Content Repository

Repository for detection content with various types of rules and payloads.

Shotgunyara

A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.

yaramod

Yaramod is a library for parsing YARA rules into AST and building new YARA rulesets with C++ programming interface.

yara-parser

A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.

yara-rust

Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.

YaraDbg

A free web-based Yara debugger for security analysts to write hunting or detection rules with ease.