Yara-Rules Repository Logo

Yara-Rules Repository

0
Free
Visit Website

Repository of YARA rules to accompany the Trellix ATR blogposts & investigations. We endorse contributing to improve our rules - please send us a pull request with your proposal. In case you discovered a false positive with our rules, please share with us your details in an issue report and we’ll try to improve our Yara rules. Happy Hunting!

FEATURES

ALTERNATIVES

YARA is a tool for identifying and classifying malware samples based on textual or binary patterns.

YARA rules for ProcFilter to detect malware and threats

ICSREF is a modular framework for automated reverse engineering of industrial control systems binaries

A tool to dump ODIN3 messages into files for reverse-engineering

PinCTF is a tool for using Intel's Pin Tool to instrument reverse engineering binaries and count instructions.

A Python library for automating time-based blind SQL injection attacks

A better version of my xssfinder tool that scans for different types of XSS on a list of URLs.

A collection of publicly available YARA rules for detecting and classifying malware.