
yarAnalyzer

Free

yarAnalyzer creates statistics on a YARA rule set and the files in a sample directory. Place some signatures with a .yar extension in the 'signatures' folder and then run yarAnalyzer against a sample directory:

yarAnalyzer.py -p /sample/path -s /signatures

It generates two tables as command-line output and two CSV files (yaranalyzer_file_stats.csv and yaranalyzer_rule_stats.csv).

A newer feature is inventory creation:

yarAnalyzer.py --inventory -s /signatures

This creates a CSV file named yara-rule-inventory.csv by default (change the name with '-o') with one row per initialized rule and the columns Rule File;Rule Name;Description;Reference.

Screenshots: Rule Statistics, File Statistics, CSV Output in Excel.
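To show what the inventory CSV described above contains, here is an added, stdlib-only Python example that walks a signatures directory, pulls the rule name plus the description and reference meta fields out of each .yar file, and writes a semicolon-separated yara-rule-inventory.csv with the same four columns. This is illustrative code, not yarAnalyzer's own implementation: yarAnalyzer compiles the rules with yara-python and reports on the rules that initialized, whereas this example parses the rule text directly, so it never rejects a rule that would fail to compile. The sample rules, the file name demo.yar and the example.invalid reference URL are constructed for the demo. The comment stripper deliberately tracks quoted strings so that the // inside a reference URL is not mistaken for a line comment, a common mistake in ad-hoc YARA parsers. Match statistics (the file and rule stats CSVs) need a YARA engine and are not covered here.

```python
"""Added example: build a Rule File;Rule Name;Description;Reference inventory
from a directory of .yar files using only the standard library.
Not yarAnalyzer's own code (which uses yara-python to compile the rules)."""
import csv
import os
import re
import tempfile

# Rule header: optional 'private'/'global' modifiers, then 'rule <identifier>'.
RULE_HEADER = re.compile(
    r"^\s*(?:(?:private|global)\s+)*rule\s+([A-Za-z_][A-Za-z0-9_]*)", re.MULTILINE)
# Everything between 'meta:' and the next 'strings:' or 'condition:' line.
META_SECTION = re.compile(
    r"meta\s*:(.*?)(?=^\s*(?:strings|condition)\s*:)", re.DOTALL | re.MULTILINE)
# key = "value" pairs inside the meta section (backslash escapes allowed).
META_PAIR = re.compile(r'([A-Za-z_][A-Za-z0-9_]*)\s*=\s*"((?:[^"\\]|\\.)*)"')

# Constructed sample signatures for the demo; not a real rule set.
SAMPLE_RULES = r'''
// constructed sample signatures for the demo
import "pe"

rule Demo_Dropper_Strings : dropper
{
    meta:
        description = "Detects a constructed dropper sample (demo only)"
        reference = "https://example.invalid/report" // comment after the URL
        author = "demo"
    strings:
        $a = "C:\\Temp\\payload.exe" ascii
        $b = { 4D 5A 90 00 }
    condition:
        uint16(0) == 0x5A4D and any of them
}

/* rule Commented_Out { condition: false } */

private rule Demo_No_Meta
{
    condition:
        filesize < 100KB
}
'''


def strip_comments(text):
    """Remove /* */ and // comments, leaving '//' inside quoted strings
    (e.g. the http:// of a reference URL) untouched."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.DOTALL)
    out = []
    for line in text.splitlines():
        in_str, i, cut = False, 0, len(line)
        while i < len(line):
            c = line[i]
            if in_str:
                if c == "\\":
                    i += 1          # skip the escaped character
                elif c == '"':
                    in_str = False
            elif c == '"':
                in_str = True
            elif line.startswith("//", i):
                cut = i             # line comment starts here
                break
            i += 1
        out.append(line[:cut])
    return "\n".join(out)


def parse_rules(text, rule_file):
    """Return one (Rule File, Rule Name, Description, Reference) tuple per rule
    in `text`; meta fields that are absent become empty strings."""
    text = strip_comments(text)
    headers = list(RULE_HEADER.finditer(text))
    rows = []
    for idx, m in enumerate(headers):
        end = headers[idx + 1].start() if idx + 1 < len(headers) else len(text)
        body = text[m.end():end]
        meta = {}
        section = META_SECTION.search(body)
        if section:
            meta = {k: v.replace('\\"', '"') for k, v in META_PAIR.findall(section.group(1))}
        rows.append((rule_file, m.group(1), meta.get("description", ""), meta.get("reference", "")))
    return rows


def build_inventory(sig_dir):
    """Parse every .yar/.yara file below sig_dir, paths reported relative to it."""
    rows = []
    for root, _, files in os.walk(sig_dir):
        for name in sorted(files):
            if name.lower().endswith((".yar", ".yara")):
                path = os.path.join(root, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    rows.extend(parse_rules(fh.read(), os.path.relpath(path, sig_dir)))
    return rows


def write_inventory(rows, out_path="yara-rule-inventory.csv"):
    """Write the inventory with the same ';' delimiter and header yarAnalyzer uses."""
    with open(out_path, "w", newline="", encoding="utf-8") as fh:
        writer = csv.writer(fh, delimiter=";")
        writer.writerow(["Rule File", "Rule Name", "Description", "Reference"])
        writer.writerows(rows)
    return out_path


def demo():
    """Write the constructed rules to a temporary signatures dir and return the CSV text."""
    with tempfile.TemporaryDirectory() as sig_dir:
        with open(os.path.join(sig_dir, "demo.yar"), "w", encoding="utf-8") as fh:
            fh.write(SAMPLE_RULES)
        out = write_inventory(build_inventory(sig_dir), os.path.join(sig_dir, "yara-rule-inventory.csv"))
        with open(out, encoding="utf-8") as fh:
            return fh.read()


if __name__ == "__main__":
    print(demo())
```

Running the block prints a three-line CSV: the header, the Demo_Dropper_Strings row with its description and reference, and the Demo_No_Meta row with two empty fields; the block-commented rule is skipped. Because this parser is textual, a rule with a syntax error still shows up in the inventory, which is the main behavioural difference from yarAnalyzer's compile-based approach.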

ALTERNATIVES

Freely available network IOCs for monitoring and incident response

Generate Bro intel files from pdf or html reports.

Powershell Threat Hunting Module for scanning remote endpoints and collecting comprehensive information.

Sigma is a generic and open signature format for SIEM systems and other security tools to detect and respond to threats.

An extendable tool to extract and aggregate IOCs from threat feeds, integrates with ThreatKB and MISP.

A simple, self-contained modular host-based IOC scanner for incident responders.

Amazon GuardDuty is a threat detection service for AWS accounts.

Dataplane.org is a nonprofit organization providing free data, tools, and analysis to increase awareness of Internet trends, anomalies, threats, and misconfigurations.
