Signature-base Alternatives

Similar projects and alternatives to signature-base

uBlock

1 3,020 52,888 9.8 JavaScript signature-base VS uBlock

uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
InfluxDB

influxdata.com featured

InfluxDB high-performance time series database. Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems.
hn-search

2 2,025 555 2.9 TypeScript signature-base VS hn-search

Hacker News Search
Loki

3 12 3,514 7.1 Python signature-base VS Loki

Loki - Simple IOC and YARA Scanner (by Neo23x0)
awesome-yara

4 7 3,772 5.5 signature-base VS awesome-yara

A curated list of awesome YARA rules, tools, and people.
log4shell-tool

5 4 15 0.0 signature-base VS log4shell-tool

Log4Shell Enumeration, Mitigation and Attack Detection Tool
malware-ioc

6 7 1,760 7.2 YARA signature-base VS malware-ioc

Indicators of Compromises (IOC) of our various investigations
knockknock

7 8 668 0.0 Python signature-base VS knockknock

A simple, secure, and stealthy port knocking implementation that does not use libpcap or bind to a socket interface.
CodeRabbit

coderabbit.ai featured

CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
reversinglabs-yara-rules

8 3 814 5.2 YARA signature-base VS reversinglabs-yara-rules

ReversingLabs YARA Rules
audit-node-modules-with-yara

9 4 20 0.0 YARA signature-base VS audit-node-modules-with-yara

Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles
blacklist-named

10 1 2 5.6 Shell signature-base VS blacklist-named
yara-python

11 1 687 4.5 C signature-base VS yara-python

The Python interface for YARA
xzbot

12 2 3,508 5.2 Go signature-base VS xzbot

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
ThreatHunting

13 1 581 2.2 YARA signature-base VS ThreatHunting

Tools for hunting for threats. (by GossiTheDog)
pam_2fa

14 1 38 - C signature-base VS pam_2fa

2nd factor authentication using PAM
YaraHunter

15 3 1,308 8.2 Go signature-base VS YaraHunter

🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
SaaSHub

www.saashub.com featured

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better signature-base alternative or higher similarity.

Suggest an alternative to signature-base

signature-base discussion

signature-base reviews and mentions

Posts with mentions or reviews of signature-base. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-04-01.

Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
6 projects | news.ycombinator.com | 1 Apr 2024

> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
1 project | /r/u_Tsofmetasploit | 16 Mar 2023

1 project | /r/blueteamsec | 16 Mar 2023
OneNote Yara rule
1 project | /r/blueteamsec | 27 Jan 2023
New Exchange Zero Day rumours [29th September]
1 project | /r/msp | 29 Sep 2022

* Run the following YARA rules over your logs and aspx files in INSTALL_DIRECTORY/Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\ https://github.com/Neo23x0/signature-base/blob/master/yara/expl_proxyshell.yar
Nvidia Breach
1 project | /r/AskNetsec | 4 Mar 2022

If you have a Yara detection platform, Florian Roth’s rules should detect executables signed with this. https://github.com/Neo23x0/signature-base/blob/master/yara/gen_nvidia_leaked_cert.yar.
Evidence of a log4j attack found - Now what?
2 projects | /r/cybersecurity | 20 Dec 2021

Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
Yara rule to detect ProxyToken exploitation
1 project | /r/blueteamsec | 30 Aug 2021
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules
2 projects | /r/blueteamsec | 30 May 2021

Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar
What are the best FOSS YARA rules you would recommend to deploy?
2 projects | /r/blueteamsec | 11 May 2021
A note from our sponsor - InfluxDB
influxdata.com | 24 Apr 2025

Collect, organize, and act on massive volumes of high-resolution data to power real-time intelligent systems. Learn more →

Stats

Basic signature-base repo stats

Mentions

Stars

2,598

Activity

9.0

Last Commit

6 days ago

Neo23x0/signature-base is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.

The primary programming language of signature-base is YARA.

signature-base

Signature-base Alternatives

Similar projects and alternatives to signature-base

signature-base discussion

signature-base reviews and mentions

Stats

Popular Comparisons