YARA Rules Collection

Free

Collection of YARA signatures from recent malware research:

- Dacls Trojan. Rule: Dacls_Linux.yara, Dacls_Windows.yara
- APT32 KerrDown. Rule: APT32_KerrDown.yara
- ACBackdoor (Linux build). Rule: ACBackdoor_Linux.rule
- Unnamed Linux Golang Ransomware. Rule: Linux_Golang_Ransomware.rule
- KPOT v2. Rule: KPOT_v2.yara
- WatchBog Linux botnet. Rule: WatchBog_Linux.yara
- EvilGnome Linux malware. Rule: EvilGnome_Linux.yara
- APT34 PICKPOCKET. Rule: APT34_PICKPOCKET.yara
- APT34 LONGWATCH. Rule: APT34_LONGWATCH.yara
- APT34 VALUEVAULT. Rule: APT34_VALUEVAULT.yara

ALTERNATIVES

ZoomEye is an advanced cyberspace search engine that provides detailed information on cyberspace assets, including server software and version information, for cybersecurity experts, researchers, and enterprises.

An IOC tracker written in Python that queries Google Custom Search Engines for various cybersecurity indicators and monitors domain status using Google Safe Browsing APIs.

A minimalistic Java library for representing threat model data in a normalized way and automating threat intelligence extraction.

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.

RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.

A tool for fetching and visualizing cyber threat intelligence data with Elasticsearch and Kibana integration.

A community-driven public malware repository providing access to malware samples, tools, and resources for the cybersecurity community.
