Search Results for "yara"
Sort By:
Showing 13 open source projects for "yara"
View related business solutions-
Add Two Lines of Code. Get Full APM.Works out of the box for Rails, Django, Express, Phoenix, and more. Monitoring exceptions and performance in no time.
-
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
1
YARA
The pattern matching swiss knife for malware researchers
...If you plan to use YARA to scan compressed files (.zip, .tar, etc) you should take a look at yextend, a very helpful extension to YARA developed and open-sourced by Bayshore Networks. -
2
MemProcFS Analyzer
Automated Forensic Analysis of Windows Memory Dumps for DFIR
MemProcFS-Analyzer is a forensic analysis toolset that builds on the MemProcFS virtual filesystem to make volatile memory artefacts easier to browse and interpret. By exposing process memory, kernel objects, and derived artifacts as regular files, the framework lets analysts use familiar filesystem operations and standard tools (editors, grep, diff) to explore memory snapshots. The Analyzer layer adds higher-level parsing and extraction routines—for example, carving strings, locating... -
3
ImHex
A Hex Editor for Reverse Engineers, Programmers
ImHex is a Hex Editor, a tool to display, decode and analyze binary data to reverse engineer their format, extract informations or patch values in them. What makes ImHex special is that it has many advanced features that can often only be found in paid applications. Such features are a completely custom binary template and pattern language to decode and highlight structures in the data, a graphical node-based data processor to pre-process values before they're displayed, a disassembler,... -
4
IntelOwl
Centralized platform for automated threat intelligence analysis
...The system features a modular architecture built around plugins that allow new analyzers, connectors, and integrations to be added easily. These plugins can collect data from external intelligence platforms or generate insights using internal analysis tools such as YARA or static malware analyzers. -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
5
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once... -
6
Elkeid
Open source solution that can meet the requirements of workloads
Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,... -
7
A professional PE (Portable Executable) analysis and modification tool for Windows executables and DLLs.
-
8
HydraDragonAntivirus
Open Source Antivirus/XDR for Windows operating system
Dynamic and static analysis with Real Time Malware Analysis with Antivirus for Windows, including open-source XDR (3 EDR projects), ClamAV, YARA-X, machine learning AI, behavioral analysis, Unpacker, Deobfuscator, Decompiler, website signatures, Ghidra, Suricata, Sigma, Kernel, Hypervisior based protection and much more than you can imagine. -
9
DeepBlueCLI
PowerShell Module for Threat Hunting via Windows Event Logs
DeepBlueCLI is a PowerShell-centric threat-hunting toolkit built to extract, normalize, and flag suspicious activity from Windows event logs and Sysmon telemetry. It parses common sources—including Windows Security, System, Application, PowerShell logs, and Sysmon event ID 1—then applies a rich set of detection heuristics for things like suspicious account changes, password guessing and spraying, service tampering, PowerShell obfuscation and download-string usage, long or unusual command... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
IDA Signsrch
IDA Pro plug-in of Luigi Auriemma's signsrch signature matching tool.
IDA Pro plug-in conversion of Luigi Auriemma's signsrch signature matching tool. * Deprecated, will no longer be updated, please see my use my superior YARA for IDA plugin here: https://github.com/kweatherman/yara4ida * July 2018, updated to IDA 7.1 Luigi's original signsrch description: "Tool for searching signatures inside files, extremely useful as help in reversing jobs like figuring or having an initial idea of what encryption/- compression algorithm is used for a proprietary protocol or file. ... -
11
Detekt
Malware triaging tool
Detekt is a free Python tool that scans your Windows computer (using Yara, Volatility and Winpmem) for traces of malware. Specifically, it can detect the presence of pre-defined patterns which are unique identifiers of commercial surveillance spyware FinFisher FinSpy and HackingTeam RCS. Note however, that Detekt may not be able to detect the most recent versions of those malware families. They may have been updated or have other versions not detected by this tool. -
12
PhishBlock
A program that detects and blocks phishing, pharming, Hacker's C&C.
PhishBlock is a security program that detects and blocks Phishing, Pharming, Hacker’s C&C(Command and Control) Servers which are located in databases with URLs, DNS hostnames, and IP Addresses. This program detects and blocks Malware URLs, bad Hosts, and bad IP addresses. Recently, most malware codes are delivered covertly to users’ personal computers through Google ads, SNS, Blogs, BBS and so on, which users visit often. And After the malware codes connect the C&C server(or... -
13
Yara is a fast, embeddable RSS aggregator and parser. It is written in C++ and exposes a very simple API in C.
- Previous
- You're on page 1
- Next
