|about 1 month ago||4 days ago|
|GNU General Public License v3.0 only||GNU General Public License v3.0 or later|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Evidence of a log4j attack found - Now what?
2 projects | /r/cybersecurity | 20 Dec 2021
Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules
2 projects | /r/blueteamsec | 30 May 2021
What are the best FOSS YARA rules you would recommend to deploy?
2 projects | /r/blueteamsec | 11 May 2021
OISD Domain Blocklist
4 projects | /r/oisd_blocklist | 16 Mar 2021
What are some alternatives?
malware-ioc - Indicators of Compromises (IOC) of our various investigations
sysmon-config - Sysmon configuration file template with default high-quality event tracing
Loki - Loki - Simple IOC and YARA Scanner
awesome-yara - A curated list of awesome YARA rules, tools, and people.
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
reversinglabs-yara-rules - ReversingLabs YARA Rules
audit-node-modules-with-yara - Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles
PetitPotam - PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
yara-python - The Python interface for YARA
YaraHunter - 🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
uBlock - uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.