YARA Matches Correspondance Array (YMCA)

Free

YMCA is a tool designed for threat hunters, incident responders, and security analysts that visually presents the correspondences between a YARA ruleset and a collection of samples, focusing exclusively on the strings section of the rules. To use it, download and run the standalone binary on Linux or Windows, then access it at localhost:4449. Use cases include gaining a complete view of the coverage of a new rule and reviewing the accuracy of an existing rule at the start of a new campaign.

ALTERNATIVES

Automated framework for collecting and processing samples from VirusTotal with YARA rule integration.

A PowerShell module for threat hunting via Windows Event Logs.

A cybersecurity tool for managing data points and cyber threat indicators with a focus on Neo4j data traversal.

Malware Patrol offers a range of threat intelligence solutions, including enterprise data feeds, DNS firewall, phishing threat intelligence, and small business protection.

Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.

AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.

A collection of companies that disclose adversary TTPs after being breached, useful for analysis of intrusions.

HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.