yarAnalyzer Logo

yarAnalyzer

0
Free
Visit Website

yarAnalyzer creates statistics on a yara rule set and files in a sample directory. Place some signatures with .yar extension in the 'signatures' folder and then run yarAnalyzer on a certain sample directory like: yarAnalyzer.py -p /sample/path -s /signatures. It will generate two tables as command line output and two CSV files (yaranalyzer_file_stats.csv, yaranalyzer_rule_stats.csv). A new feature is the inventory creation. yarAnalyzer.py --inventory -s /signatures. This will create a CSV file named yara-rule-inventory.csv (default, set with '-o') with information about the initialized rules (Rule File;Rule Name;Description;Reference). Screenshots, Rule Statistics, File Statistics, CSV Output in Excel.

FEATURES

ALTERNATIVES

HoneyDB is a honeypot-based threat intelligence platform that provides real-time insights into attacker behavior and malicious activity on networks.

Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.

A PowerShell module for threat hunting via Windows Event Logs

ThreatMiner is a threat intelligence portal that aggregates data from various sources and provides contextual information related to indicators of compromise (IOCs).

A collection of Yara rules licensed under the DRL 1.1 License.

CLI tool for ThreatCrowd.org with multiple query functions.

An informational repo about hunting for adversaries in your IT environment.

A daily updated summary of security advisories from various sources