Yara-Rules Repository
Repository of YARA rules to accompany the Trellix ATR blogposts & investigations. We endorse contributing to improve our rules - please send us a pull request with your proposal. In case you discovered a false positive with our rules, please share with us your details in an issue report and we’ll try to improve our Yara rules. Happy Hunting!
FEATURES
SIMILAR TOOLS
A sandbox for quickly sandboxing known or unknown families of Android Malware
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A program to manage yara ruleset in a database with support for different databases and configuration options.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.
A collaborative malware analysis framework with various features for automated analysis tasks.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
A .NET assembly debugger and editor that enables reverse engineering and dynamic analysis of compiled .NET applications without source code access.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.