Sophos AI YaraML Rules Repository Logo

Sophos AI YaraML Rules Repository

0
Free
Malware Analysis
Machine Learning
Malware Detection
Yara
Rule Generation
Visit Website

YaraML is a tool that automatically generates Yara rules from training data by translating scikit-learn logistic regression and random forest binary classifiers into the Yara language. Give YaraML a directory of malware files and a directory of benign files of any format and it'll extract substring features, downselect your feature space, train a model, and then "compile" the model and return it as a textual Yara rule. To get a feel for what this looks like, see the logistic regression Powershell detector generated by YaraML and given below.

FEATURES

ALTERNATIVES

java2yara Logo
java2yara

A minimal library to generate YARA rules from JAVA with maven support.

Free
Malware Analysis
MultiScanner Logo
MultiScanner

A file analysis framework that automates the evaluation of files by running a suite of tools and aggregating the output.

Free
Malware Analysis
Yara-Unprotect Logo
Yara-Unprotect

A collection of Yara rules for detecting malware evasion techniques

Free
Malware Analysis
jwt-heartbreaker Logo
jwt-heartbreaker

A Burp extension to check JWT tokens for potential weaknesses

Free
Malware Analysis
ysoserial.net Logo
ysoserial.net

A deserialization payload generator for .NET formatters

Free
Malware Analysis
Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2) Logo
Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence (Part 2)

A blog post discussing INF-SCT fetch and execute techniques for bypass, evasion, and persistence

Free
Malware Analysis
Yara Decompressor Logo
Yara Decompressor

Tool for decompressing malware samples to run Yara rules against them.

Free
Malware Analysis
BARF Logo
BARF

BARF is an open source binary analysis framework for supporting various binary code analysis tasks in information security.

Free
Malware Analysis

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
PTJunior Logo

PTJunior

An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

Offensive Security
CTIChef.com Detection Feeds Logo

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security