YARA Rules Collection

Free

Collection of YARA signatures from recent malware research:

- Dacls Trojan. Rule: Dacls_Linux.yara, Dacls_Windows.yara
- APT32 KerrDown. Rule: APT32_KerrDown.yara
- ACBackdoor - Linux build. Rule: ACBackdoor_Linux.rule
- Unnamed Linux Golang Ransomware. Rule: Linux_Golang_Ransomware.rule
- KPOT v2. Rule: KPOT_v2.yara
- WatchBog Linux botnet. Rule: WatchBog_Linux.yara
- EvilGnome Linux malware. Rule: EvilGnome_Linux.yara
- APT34 PICKPOCKET. Rule: APT34_PICKPOCKET.yara
- APT34 LONGWATCH. Rule: APT34_LONGWATCH.yara
- APT34 VALUEVAULT. Rule: APT34_VALUEVAULT.yara

ALTERNATIVES

A StalkPhish Project YARA repository for Phishing Kits zip files.

Intelligence feeds for cybersecurity professionals to stay informed about emerging threats and trends.

Repository of Yara Rules created by TjNel.

GCTI's open-source detection signatures for malware and threat detection

A library of event-based analytics written in EQL to detect adversary behaviors, now integrated into the Detection Engine of Kibana.

A visualization tool for threat analysis that organizes APT campaign information and visualizes relations of IOC.

Python-based client for IBM XForce Exchange with an improved version available.

A PowerShell module for threat hunting via Windows Event Logs