signature-base
Signature base for my scanner tools (by Neo23x0)
reversinglabs-yara-rules
ReversingLabs YARA Rules (by reversinglabs)
Our great sponsors
| signature-base | reversinglabs-yara-rules | |
|---|---|---|
| 7 | 1 | |
| 1,709 | 448 | |
| - | 4.0% | |
| 9.0 | 6.6 | |
| 3 days ago | 6 days ago | |
| YARA | YARA | |
| GNU General Public License v3.0 or later | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
signature-base
Posts with mentions or reviews of signature-base.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-12-20.
-
Nvidia Breach
If you have a Yara detection platform, Florian Roth’s rules should detect executables signed with this. https://github.com/Neo23x0/signature-base/blob/master/yara/gen_nvidia_leaked_cert.yar.
-
Evidence of a log4j attack found - Now what?
Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
- Yara rule to detect ProxyToken exploitation
-
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules
Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar
- What are the best FOSS YARA rules you would recommend to deploy?
- OISD Domain Blocklist
-
At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
Is this what he's writing about that anyone can use to scan for backdoors? https://github.com/Neo23x0/signature-base/blob/master/yara/apt_hafnium.yar
reversinglabs-yara-rules
Posts with mentions or reviews of reversinglabs-yara-rules.
We have used some of these posts to build our list of alternatives
and similar projects.
What are some alternatives?
When comparing signature-base and reversinglabs-yara-rules you can also consider the following projects:
malware-ioc - Indicators of Compromises (IOC) of our various investigations
Loki - Loki - Simple IOC and Incident Response Scanner
ThreatHunting - Tools for hunting for threats.
awesome-yara - A curated list of awesome YARA rules, tools, and people.
audit-node-modules-with-yara - Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles