Sophos AI YaraML Rules Repository Logo

Sophos AI YaraML Rules Repository

0
Free
Malware Analysis
Machine Learning
Malware Detection
Yara
Rule Generation
Visit Website

YaraML is a tool that automatically generates Yara rules from training data by translating scikit-learn logistic regression and random forest binary classifiers into the Yara language. Give YaraML a directory of malware files and a directory of benign files of any format and it'll extract substring features, downselect your feature space, train a model, and then "compile" the model and return it as a textual Yara rule. To get a feel for what this looks like, see the logistic regression Powershell detector generated by YaraML and given below.

FEATURES

ALTERNATIVES

XSSCon Logo
XSSCon

A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities

Free
Malware Analysis
YARA Rules for ProcFilter Logo
YARA Rules for ProcFilter

YARA rules for ProcFilter to detect malware and threats

Free
Malware Analysis
ROPgadget Tool Logo
ROPgadget Tool

Search gadgets on binaries to facilitate ROP exploitation.

Free
Malware Analysis
YARA IDA Processor Logo
YARA IDA Processor

A tool for processing compiled YARA rules in IDA.

Free
Malware Analysis
Andromeda Logo
Andromeda

Andromeda makes reverse engineering of Android applications faster and easier.

Free
Malware Analysis
AndroZoo Logo
AndroZoo

A collection of Android Applications with malware analysis results

Free
Malware Analysis
Phylum Logo
Phylum

Identifies 137 malicious npm packages and gathers system information to a remote server.

Free
Malware Analysis
Binsequencer Logo
Binsequencer

A tool that scans a corpus of malware and builds a YARA rule to detect similar code sections.

Free
Malware Analysis

PINNED

Mandos Brief Newsletter Logo

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources
PTJunior Logo

PTJunior

An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

Offensive Security
OSINTLeak Logo

OSINTLeak

OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.

Digital Forensics
ImmuniWeb® Discovery Logo

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management
Checkmarx SCA Logo

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security
Orca Security Logo

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security
DryRun Logo

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security