The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 7 YARA Yara Projects
-
APKiD
Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Ukraine-Cyber-Operations
Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
-
CVE-2022-26134-Exploit-Detection
This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
YARA Yara related posts
- Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
- OneNote Yara rule
- What are your go-to websites to read cybersecurity news in 2023?
- New Exchange Zero Day rumours [29th September]
- Open source tools and DFIR Tryhackme equivalents
-
A note from our sponsor - WorkOS
workos.com | 25 Apr 2024
Index
What are some of the best open-source Yara projects in YARA? This list will help you:
Project | Stars | |
---|---|---|
1 | signature-base | 2,329 |
2 | APKiD | 1,895 |
3 | malware-ioc | 1,503 |
4 | Ukraine-Cyber-Operations | 908 |
5 | reversinglabs-yara-rules | 688 |
6 | Cerebro | 19 |
7 | CVE-2022-26134-Exploit-Detection | 1 |
Sponsored