awesome-yara - A curated list of awesome YARA rules, tools, and people.

A curated list of awesome YARA rules, tools, and resources. Inspired by awesome-python and awesome-php. YARA is an acronym for: YARA: Another Recursive Acronym, or Yet Another Ridiculous Acronym. Pick your choice.

yaml2yara - Generate bulk YARA rules from YAML input

  •    HTML

This project is released under the AGPL license. Please see LICENSE for more information. This repository contains a script that will create custom detection rules from YAML input.

ThreatKB - Knowledge base workflow management for Yara rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

  •    Javascript

It's best to run the application and its Python virtualenv within a screen session to ensure ThreatKB continues to run. Note: Within screen, Ctrl+a+d will detach your session and return you to your normal shell. To return to the screen session, run screen -list and look for the "Inquest_ThreatKB" entry followed by its PID, then use screen -r InQuest_ThreatKB.<PID> to reattach.

yara-rules - A collection of Yara rules we wish to share with the world, most probably referenced from http://blog

A collection of Yara rules we wish to share with the world, most probably referenced from http://blog.inquest.net.