audit-node-modules-with-yara
Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles (by rpgeeganage)
awesome-yara
A curated list of awesome YARA rules, tools, and people. (by InQuest)
Our great sponsors
| audit-node-modules-with-yara | awesome-yara | |
|---|---|---|
| 4 | 4 | |
| 17 | 1,948 | |
| - | 12.3% | |
| 1.9 | 5.5 | |
| 10 months ago | 3 months ago | |
| YARA | ||
| - | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
audit-node-modules-with-yara
Posts with mentions or reviews of audit-node-modules-with-yara.
We have used some of these posts to build our list of alternatives
and similar projects.
-
Auditing NodeJs modules with YARA rules
To achieve this, I started setting up a small project. It is available at https://github.com/rpgeeganage/audit-node-modules-with-yara
- Node Module supplier chain attack detect using YARA rules
-
Audit Node Module folder with YARA rules
GitHub Repo: https://github.com/rpgeeganage/audit-node-modules-with-yara
awesome-yara
Posts with mentions or reviews of awesome-yara.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-09-25.
-
YARA Rules for Malware
Check out the myriad of resources available here: https://github.com/InQuest/awesome-yara
-
Identifying packers, crypters or protectors
A signature-based approach with YARA can work to fingerprint the specific software used to obfuscate the malware. A lot of YARA rules for a variety of purposes can be found here, and it might be useful to aggregate ones you care about into your own little detection pipeline.
-
What are the best FOSS YARA rules you would recommend to deploy?
https://github.com/InQuest/awesome-yara#rules
- InQuest/awesome-yara - A curated list of awesome YARA rules, tools, and people.
What are some alternatives?
When comparing audit-node-modules-with-yara and awesome-yara you can also consider the following projects:
malware-ioc - Indicators of Compromises (IOC) of our various investigations
awesome-malware-analysis - Defund the Police.
Detect-It-Easy - Program for determining types of files for Windows, Linux and MacOS.
signature-base - Signature base for my scanner tools
yara - The pattern matching swiss knife
solidarity - Solidarity is an environment checker for project dependencies across multiple machines.