This project, released under the AGPL license by NCC Group Plc and developed by David Cannings, contains a script that generates custom detection rules from YAML input, allowing for easy updating and optimization of bulk rules to take advantage of new YARA features. It aims to store data in a human-readable format, generate rules effortlessly, and produce output compatible with source code management tools like Git and Mercurial.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A platform providing real-time threat intelligence streams and reports on internet-exposed assets to help organizations monitor and secure their attack surface.
Lists of sources and utilities to hunt, detect, and prevent evildoers.
A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.
Proof-of-concept implementation of TAXII services for developers and non-developers.
Maldatabase is a threat intelligence platform providing malware datasets and threat intelligence feeds for malware data science and threat intelligence.
A threat intelligence platform that collects, analyzes, and operationalizes threat data from multiple sources to help organizations identify and respond to security threats.
Machinae is a tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
An Open Source solution for management of Threat Intelligence at scale, integrating multiple analyzers and malware analysis tools.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.