Showing 16 open source projects for "yara"

  • 1
    YARA

    The pattern matching swiss knife for malware researchers

    ...If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks.
    Downloads: 33 This Week
  • 2
    MemProcFS Analyzer

    Automated Forensic Analysis of Windows Memory Dumps for DFIR

    MemProcFS-Analyzer is a forensic analysis toolset that builds on the MemProcFS virtual filesystem to make volatile memory artefacts easier to browse and interpret. By exposing process memory, kernel objects, and derived artifacts as regular files, the framework lets analysts use familiar filesystem operations and standard tools (editors, grep, diff) to explore memory snapshots. The Analyzer layer adds higher-level parsing and extraction routines—for example, carving strings, locating...
    Downloads: 8 This Week
  • 3
    ImHex

    A Hex Editor for Reverse Engineers, Programmers

    ImHex is a Hex Editor, a tool to display, decode and analyze binary data to reverse engineer their format, extract information or patch values in them. What makes ImHex special is that it has many advanced features that can often only be found in paid applications. Such features are a completely custom binary template and pattern language to decode and highlight structures in the data, a graphical node-based data processor to pre-process values before they're displayed, a disassembler,...
    Downloads: 99 This Week
  • 4
    HydraDragonAntivirus

    Windows antivirus gui for ClamAV, YARA and my machine learning

    It's no longer cross-platform; please switch to the GitHub repo
    Downloads: 0 This Week
  • 5
    GRR

    GRR Rapid Response, remote live forensics for incident response

    GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once...
    Downloads: 0 This Week
  • 6
    IntelOwl

    Centralized platform for automated threat intelligence analysis

    ...The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers.
    Downloads: 2 This Week
  • 7
    Elkeid

    Open source solution that can meet the requirements of workloads

    Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,...
    Downloads: 0 This Week
  • 8
    X-Ray of Death
    A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
    Downloads: 2 This Week
  • 9
    HydraDragonAntivirus

    Dynamic and static analysis with Sandboxie for Windows, including EDR

    Dynamic and static analysis with Sandboxie for Windows, including EDR, ClamAV, YARA-X, custom machine learning AI, behavioral analysis, NLP-based detection, website signatures, Ghidra, Suricata, Sigma, and much more than you can imagine
    Downloads: 27 This Week
  • 10
    DeepBlueCLI

    PowerShell Module for Threat Hunting via Windows Event Logs

    DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command...
    Downloads: 1 This Week
  • 11

    IDA Signsrch

    IDA Pro plug-in of Luigi Auriemma's signsrch signature matching tool.

    IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool. * Deprecated, will no longer be updated, please use my superior YARA for IDA plugin here: https://github.com/kweatherman/yara4ida * July 2018, updated to IDA 7.1 Luigi's original signsrch description: "Tool for searching signatures inside files, extremely useful as help in reversing jobs like figuring or having an initial idea of what encryption/compression algorithm is used for a proprietary protocol or file. ...
    Downloads: 4 This Week
  • 12
    Detekt

    Malware triaging tool

    Detekt is a free Python tool that scans your Windows computer (using Yara, Volatility and Winpmem) for traces of malware. Specifically, it can detect the presence of pre-defined patterns which are unique identifiers of commercial surveillance spyware FinFisher FinSpy and HackingTeam RCS. Note however, that Detekt may not be able to detect the most recent versions of those malware families. They may have been updated or have other versions not detected by this tool.
    Downloads: 16 This Week
  • 13
    PhishBlock

    A program that detects and blocks phishing, pharming, Hacker's C&C.

    PhishBlock is a security program that detects and blocks Phishing, Pharming, Hacker’s C&C (Command and Control) Servers which are located in databases with URLs, DNS hostnames, and IP Addresses. This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses. Recently, most malware codes are delivered covertly to users’ personal computers through Google ads, SNS, Blogs, BBS and so on, which users visit often. And after the malware codes connect the C&C server (or...
    Downloads: 11 This Week
  • 14
    HoneyDrive

    Honeypots in a box! HoneyDrive is the premier honeypot bundle distro.

    HoneyDrive is the premier honeypot Linux distro. It is a virtual appliance (OVA) with Xubuntu Desktop 12.04.4 LTS edition installed. It contains over 10 pre-installed and pre-configured honeypot software packages such as Kippo SSH honeypot, Dionaea and Amun malware honeypots, Honeyd low-interaction honeypot, Glastopf web honeypot and Wordpot, Conpot SCADA/ICS honeypot, Thug and PhoneyC honeyclients and more. Additionally it includes many useful pre-configured scripts and utilities to...
    Downloads: 38 This Week
  • 15
    MI- seniors team-term project
    Downloads: 0 This Week
  • 16
    Yara is a fast, embeddable RSS aggregator and parser. It is written in C++ and exposes a very simple API in C.
    Downloads: 1 This Week