Elastic Security YARA Rules

Free

Elastic Security provides signature-based YARA rules within the Elastic Endpoint product to detect and prevent emerging threats on Linux, Windows, and macOS systems. The repository holds over 1,000 YARA rules for stopping Trojans, ransomware, cryptominers, and other threats, and is suited to network defense, threat hunting, incident response, malware analysis, and related work. Contributions are welcome, and the rules are licensed under the Elastic License v2.

ALTERNATIVES

RiskAnalytics Solutions offers community projects for cyber threat intelligence sharing and collaboration.

OpenIOC editor for building and manipulating threat intelligence data with support for various systems.

Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.

Official repository of YARA rules for threat detection and hunting

A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.

DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.

Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.

Check if an IP address was used as a Tor relay on a given date.