The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Signature-base Alternatives
Similar projects and alternatives to signature-base
-
uBlock
uBlock Origin - An efficient blocker for Chromium and Firefox. Fast and lean.
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
awesome-yara
A curated list of awesome YARA rules, tools, and people.
-
malware-ioc
Indicators of Compromises (IOC) of our various investigations
-
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
audit-node-modules-with-yara
Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles
-
log4shell-tool
Log4Shell Enumeration, Mitigation and Attack Detection Tool
-
-
knockknock
A simple, secure, and stealthy port knocking implementation that does not use libpcap or bind to a socket interface.
-
YaraHunter
🔍🔍 Malware scanner for cloud-native, as part of CI/CD and at Runtime 🔍🔍
-
xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
signature-base reviews and mentions
-
Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
- OneNote Yara rule
-
New Exchange Zero Day rumours [29th September]
* Run the following YARA rules over your logs and aspx files in INSTALL_DIRECTORY/Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\ https://github.com/Neo23x0/signature-base/blob/master/yara/expl_proxyshell.yar
-
Nvidia Breach
If you have a Yara detection platform, Florian Roth’s rules should detect executables signed with this. https://github.com/Neo23x0/signature-base/blob/master/yara/gen_nvidia_leaked_cert.yar.
-
Evidence of a log4j attack found - Now what?
Uses these YARA rules to read JAR, LOG, and TXT files on the system, throwing warnings if any log4shell-looking payloads are found based on those various rules.
- Yara rule to detect ProxyToken exploitation
-
APT29 / NOBELIUM VirusTotal retro hunt results using 12 newly release Yara rules
Rules https://github.com/Neo23x0/signature-base/blob/master/yara/apt_apt29_nobelium_may21.yar
- What are the best FOSS YARA rules you would recommend to deploy?
-
A note from our sponsor - WorkOS
workos.com | 18 Apr 2024
Stats
Neo23x0/signature-base is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.
The primary programming language of signature-base is YARA.
Popular Comparisons
- signature-base VS malware-ioc
- signature-base VS Loki
- signature-base VS awesome-yara
- signature-base VS ThreatHunting
- signature-base VS reversinglabs-yara-rules
- signature-base VS audit-node-modules-with-yara
- signature-base VS yara-python
- signature-base VS YaraHunter
- signature-base VS blacklist-named
- signature-base VS uBlock