Collection of YARA signatures from recent malware research: - Dacls Trojan Rule: Dacls_Linux.yara - Dacls_Windows.yara - APT32 KerrDown Rule: APT32_KerrDown.yara - ACBackdoor - Linux build Rule: ACBackdoor_Linux.rule - Unnamed Linux Golang Ransomware Rule: Linux_Golang_Ransomware.rule - KPOT v2 Rule: KPOT_v2.yara - WatchBog Linux botnet Rule: WatchBog_Linux.yara - EvilGnome Linux malware Rule: EvilGnome_Linux.yara - APT34 PICKPOCKET Rule: APT34_PICKPOCKET.yara - APT34 LONGWATCH Rule: APT34_LONGWATCH.yara - APT34 VALUEVAULT Rule: APT34_VALUEVAULT.yara
FEATURES
SIMILAR TOOLS
A project that detects malicious SSL connections by identifying and blacklisting SSL certificates used by botnet C&C servers and identifying JA3 fingerprints to detect and block malware botnet C&C communication.
A free software that calculates the security ranking of Internet Service Providers to detect malicious activities.
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
A project sharing malicious URLs used for malware distribution to help protect networks.
A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
A comprehensive Threat Intelligence Program Management Solution for managing the entire CTI lifecycle.
CRITs is an open source malware and threat repository for collaborative threat defense and analysis.
ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.