YARA Matches Correspondance Array (YMCA)

Free

YMCA is a tool designed for threat hunters, incident responders, and security analysts that visually presents the correspondences between a YARA ruleset and a collection of samples, focusing exclusively on the strings section of the rules. To use it, download and run the standalone binary on Linux or Windows, then open localhost:4449 to access it. Use cases include getting a complete view of a new rule's coverage and reviewing the accuracy of an existing rule at the start of a new campaign.

ALTERNATIVES

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

Deception-based detection techniques with MITRE ATT&CK mapping and Honey Resources.

msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.

A repository of cybersecurity datasets and tools curated by @sooshie.

A modular malware collection and processing framework with support for various threat intelligence feeds.

Automatically create YARA rules based on images embedded in office documents.

FraudGuard is a service that provides real-time internet traffic analysis and IP tracking to help validate usage and prevent fraud.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.