awesome-yara
awesome-malware-analysis
Our great sponsors
awesome-yara | awesome-malware-analysis | |
---|---|---|
7 | 8 | |
3,234 | 11,026 | |
2.5% | - | |
5.6 | 0.0 | |
9 days ago | 3 days ago | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
awesome-yara
- XSOAR Yara Feeds
- Incorporating YARA Into Security Processes?
-
Cybersecurity Repositories
YARA
-
YARA Rules for Malware
Check out the myriad of resources available here: https://github.com/InQuest/awesome-yara
-
Identifying packers, crypters or protectors
A signature-based approach with YARA can work to fingerprint the specific software used to obfuscate the malware. A lot of YARA rules for a variety of purposes can be found here, and it might be useful to aggregate ones you care about into your own little detection pipeline.
-
What are the best FOSS YARA rules you would recommend to deploy?
https://github.com/InQuest/awesome-yara#rules
- InQuest/awesome-yara - A curated list of awesome YARA rules, tools, and people.
awesome-malware-analysis
- Windows found a trojan called "ravadon.e". Is this a false alarm or what? I can't find anything about it offline except a site that just copy and pastes the trojan name into it's text.
-
Cybersecurity Repositories
Malware Analysis
-
Understanding cuckoo sandbox json report
The JSON simply contains a summary of artefacts and behavior indicators that had been recorded while your malware sample detonated. Don't get me wrong - but you maybe want to take a step back and check out some of the basics. This page provides a ton of resources for any skill level: https://github.com/rshipp/awesome-malware-analysis
-
Is clamav still regarded as the best virus scanning software on Linux?
https://github.com/rshipp/awesome-malware-analysis *
-
awesome-malware-analysis VS awesome-executable-packing - a user suggested alternative
2 projects | 15 Dec 2021
- Recommended ways to learn malware field of information security? comprehensive guide? not just how to start for a beginner? (although I'm a beginner)
-
The Hitchhiker’s Guide to Online Anonymity (new draft version v0.7.8)
Added reference to https://github.com/rshipp/awesome-malware-analysis in the Malware analysis appendix
-
Malware Sample for beginners
Collection of Tools and Resources - https://github.com/rshipp/awesome-malware-analysis
What are some alternatives?
malware-ioc - Indicators of Compromises (IOC) of our various investigations
awesome-frida - Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
signature-base - YARA signature and IOC database for my scanners and tools
malware-samples - A collection of malware samples caught by several honeypots i manage
yara - The pattern matching swiss knife
MISP - MISP (core software) - Open Source Threat Intelligence and Sharing Platform
audit-node-modules-with-yara - Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles
theZoo - A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Detect-It-Easy - Program for determining types of files for Windows, Linux and MacOS.
HiddenVM - HiddenVM — Use any desktop OS without leaving a trace.
rules - Repository of yara rules
API-Security-Checklist - Checklist of the most important security countermeasures when designing, testing, and releasing your API