YMCA is a tool for threat hunters, incident responders, and security analysts that visually presents the correspondences between a YARA ruleset and a collection of samples, focusing exclusively on the strings section of the rules. To use it, download and run the standalone binary on Linux or Windows, then access it at localhost:4449. Use cases include getting a complete view of a new rule's coverage and reviewing the accuracy of an existing rule at the start of a new campaign.
SIMILAR TOOLS
Akamai Hunt is a managed threat hunting service that detects and remediates evasive security risks in network environments using data analysis, AI, and expert investigation.
A repository of freely usable Yara rules for detection systems, with automated error detection workflows.
A reference implementation for collecting events and performing CAR analytics to detect potential adversary activity.
QRadio is a tool/framework designed to consolidate cyber threats intelligence sources.
Darkscope is an AI-powered threat intelligence platform that uses virtual personas to monitor the dark web, social media, and deep web for cyber threats and security risks targeting organizations.
A daily collection of IOCs from various sources, including articles and tweets.
A threat intelligence dissemination layer for open-source security tools with STIX-2 support and plugin-based architecture.