Yara
Browse 155 yara tools
FEATURED
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
Define and validate YARA rule metadata with CCCS YARA Specification.
A collection of Yara rules licensed under the DRL 1.1 License.
A strings statistics calculator for YARA rules to aid malware research.
An IDA Pro plugin that uses YARA rules to automatically detect cryptographic constants and patterns in binary files during reverse engineering analysis.
A Yara scanner for IMAP feeds and saved streams, extracting attachments and scanning them with chosen Yara rule files.
HAWK is a multi-cloud antivirus scanning API that uses CLAMAV and YARA engines to detect malware in AWS S3, Azure Blob Storage, and GCP Cloud Storage objects.
OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.
Syntax, indent, and filetype detection for YARA rule files with auto-indenting and error display in quickfix window.
A daily collection of IOCs from various sources, including articles and tweets.
Provides indicators of compromise (IOCs) to combat malware with Yara and Snort rules.
A tool that generates Yara rules for strings and their XOR encoded versions, as well as base64-encoded variations with different padding possibilities.
Official repository of YARA rules for threat detection and hunting
A Python-based Burp Suite extension that integrates Yara scanning capabilities for detecting patterns and signatures in web application traffic using custom Yara rules.
A Windows context menu integration tool that scans files and folders for malware patterns, crypto signatures, and malicious documents using Yara rules and PEID signatures.
A collection of YARA rules specifically designed for forensic investigations and malware analysis, providing pattern matching capabilities for files and memory dumps.
LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.
A collection of Yara signatures developed by Citizen Lab to detect malware used in targeted attacks against civil society organizations.
A Go library for manipulating YARA rulesets with the ability to programatically change metadata, rule names, and more.
A tool for deep analysis of malicious files using ClamAV and YARA rules, with features like scoring suspect files, building visual tree graphs, and extracting specific patterns.
VolatilityBot automates memory dump analysis by extracting executables, detecting code injections, and performing automated malware scanning using YARA and ClamAV.
