- Home
- Application Security
- Dynamic Application Security Testing
- Burp-Yara-Rules
Burp-Yara-Rules
A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.

Burp-Yara-Rules
A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.
Burp-Yara-Rules Description
Burp-Yara-Rules is a collection of Yara rules designed for use with the Burp Yara-Scanner extension during web application security assessments. The ruleset includes detection patterns built from malicious code samples found on the Internet and contributions from third-party sources. These rules help identify malicious software commonly hosted on websites and detect signs of infection in web applications. The rules cover multiple file types and code formats: - HTML code analysis for malicious patterns - JavaScript code inspection for suspicious elements - CSS code examination for embedded threats - JAR file detection for infected Java archives - PDF file analysis for malicious content The tool integrates with Burp Suite through the Yara-Scanner extension, allowing security professionals to scan web applications for indicators of compromise during penetration testing and security assessments. The rules aim to identify infected web pages and help assess the security posture of web applications by detecting various forms of malware and malicious code injection.
FEATURED
Password manager with end-to-end encryption and identity protection features
VPN service providing encrypted internet connections and privacy protection
Fractional CISO services for B2B companies to accelerate sales and compliance
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.