The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 11 yara-rule Open-Source Projects
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
yaralyzer
Visually inspect and force decode YARA and regex matches found in both binary and text data. With Colors.
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
yara4ida
Unofficial YARA IDA Pro plugin, along with an unparalleled crypto/hash/compression rule set based on Luigi Auriemma's signsrch signatures.
-
audit-node-modules-with-yara
Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles
-
AMAYARA-Lab
The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.
Project mention: My Boss Downloaded and Opened a .lnk File and Installed a Malware in His Device | /r/computerforensics | 2023-06-06You should run a tool like loki for ioc scanning. This will identify persistence https://github.com/Neo23x0/Loki
Project mention: Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) | news.ycombinator.com | 2024-04-01> It doesn't matter.
To understand the exact behavior and extend of the backdoor, this does matter. An end to end proof of how it works is exactly what was needed.
> A way to check if servers are vulnerable is probably by querying the package manager
Yes, this has been know since the initial report + later discovering what exact strings are present for the payload.
https://github.com/Neo23x0/signature-base/blob/master/yara/b...
> Not very sophisticated, but it'll work.
Unfortunately, we live in a world with closed-servers and appliances - being able as a customer or pen tester rule out certain class of security issues without having the source/insights available is usually desirable.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2024-04-01.
yara-rules related posts
- Xzbot: Notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
- Exploit Outlook CVE-2023-23397 Yara - to detect .msg files exploiting CVE-2023-23397 in Microsoft Outlook
- OneNote Yara rule
- New Exchange Zero Day rumours [29th September]
- Završio/la si TVZ? Još sutra traju prijave za networking događaj Alumnijada 2022 (četvrtak 29.9.2022.)
- Radi li iko u cybersecurity sektoru?
-
A note from our sponsor - WorkOS
workos.com | 19 Apr 2024
Index
What are some of the best open-source yara-rule projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | awesome-yara | 3,234 |
| 2 | Loki | 3,213 |
| 3 | signature-base | 2,320 |
| 4 | reversinglabs-yara-rules | 688 |
| 5 | wafaray | 106 |
| 6 | yaralyzer | 100 |
| 7 | threat-research-and-intelligence | 88 |
| 8 | yara4ida | 57 |
| 9 | Cerebro | 19 |
| 10 | audit-node-modules-with-yara | 19 |
| 11 | AMAYARA-Lab | 1 |
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com