Top 23 Yara Open-Source Projects
- APKiD: Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android
- Ukraine-Cyber-Operations: Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine.
- sauron: A minimalistic cross-platform malware scanner with non-blocking realtime filesystem monitoring using YARA rules. (by evilsocket)
- fleur: Fleur implements a Bloom Filter library in C that is fully compatible with DCSO's Go and python implementations.
Project mention: My Boss Downloaded and Opened a .lnk File and Installed a Malware in His Device | /r/computerforensics | 2023-06-06
You should run a tool like loki for ioc scanning. This will identify persistence https://github.com/Neo23x0/Loki
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01
> It doesn't matter.
To understand the exact behavior and extent of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been known since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able, as a customer or pen tester, to rule out a certain class of security issues without having the source/insights available is usually desirable.
Also have an instance of S1EM - https://github.com/V1D1AN/S1EM - running, monitoring my home LAN, firewall etc. It's huge overkill, and your machine may struggle to run it if you ran anything else with it, but might be worth looking at.
go-yara - A tool for identifying and classifying malware samples. Although YARA has functionality for templating and regular expressions, it is very limited, so I will not include this library in the upcoming tests.
Project mention: YAMA: Yet Another Memory Analyzer for malware detection | /r/blueteamsec | 2023-08-14
Yara related posts
- Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
- Ask HN: Regex on a File or Stream
- Who does check linux distros of malware - open source
- Release YARA v4.4.0-rc1 - lnk module
- YAMA: Yet Another Memory Analyzer for malware detection
- My Boss Downloaded and Opened a .lnk File and Installed a Malware in His Device
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
Index
What are some of the best open-source Yara projects? This list will help you:
# | Project | Stars |
---|---|---|
1 | yara | 7,632 |
2 | awesome-yara | 3,245 |
3 | Loki | 3,219 |
4 | signature-base | 2,329 |
5 | DIE-engine | 2,101 |
6 | APKiD | 1,895 |
7 | malware-ioc | 1,503 |
8 | yarGen | 1,447 |
9 | YaraHunter | 1,229 |
10 | Ukraine-Cyber-Operations | 908 |
11 | strelka | 796 |
12 | ThreatIngestor | 781 |
13 | reversinglabs-yara-rules | 688 |
14 | yara-python | 622 |
15 | ImHex-Patterns | 532 |
16 | iocextract | 485 |
17 | S1EM | 385 |
18 | binlex | 384 |
19 | go-yara | 342 |
20 | sauron | 177 |
21 | YAMA | 166 |
22 | fleur | 116 |
23 | wafaray | 106 |