Yara-Rules Repository
Repository of YARA rules to accompany the Trellix ATR blogposts & investigations. We endorse contributing to improve our rules - please send us a pull request with your proposal. In case you discovered a false positive with our rules, please share with us your details in an issue report and we’ll try to improve our Yara rules. Happy Hunting!
FEATURES
SIMILAR TOOLS
A program to manage yara ruleset in a database with support for different databases and configuration options.
A tool designed to handle archive file data and augment Yara's capabilities.
Intezer is a cloud-based malware analysis platform that detects and classifies malware using genetic code analysis.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
Valkyrie is a sophisticated file verdict system that enhances malware detection through behavioral analysis and extensive file feature examination.
An open source machine code decompiler that converts binary executables into readable C source code across multiple architectures and file formats.
Blazingly fast Yara queries for malware analysts with an analyst-friendly web GUI.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.