YARA IoC

Open-source YARA projects categorized as IoC
Edit details
Topics: Yara Malware threat-hunting threat-intelligence anti-virus
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

YARA IoC Projects

  • signature-base

    YARA signature and IOC database for my scanners and tools

    • Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01

    > It doesn't matter.

    To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.

    > A way to check if servers are vulnerable is probably by querying the package manager

    Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.

    https://github.com/Neo23x0/signature-base/blob/master/yara/b...

    > Not very sophisticated, but it'll work.

    Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.

  • malware-ioc

    Indicators of Compromises (IOC) of our various investigations

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

YARA IoC related posts

  • Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

    6 projects | news.ycombinator.com | 1 Apr 2024

  • Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook

    1 project | /r/u_Tsofmetasploit | 16 Mar 2023

  • Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook

    1 project | /r/blueteamsec | 16 Mar 2023

  • OneNote Yara rule

    1 project | /r/blueteamsec | 27 Jan 2023

  • What are your go-to websites to read cybersecurity news in 2023?

    1 project | /r/cybersecurity | 14 Jan 2023

  • New Exchange Zero Day rumours [29th September]

    1 project | /r/msp | 29 Sep 2022

  • Open source tools and DFIR Tryhackme equivalents

    1 project | /r/computerforensics | 28 Jun 2022
  • A note from our sponsor - InfluxDB
    www.influxdata.com | 4 May 2024
    Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

Project Stars
1 signature-base 2,337
2 malware-ioc 1,502

Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com