A curated list of awesome YARA rules, tools, and people.
Updated Feb 12, 2025
ReversingLabs YARA Rules
Extracted Yara rules from Windows Defender mpavbase and mpasbase
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Collection of private Yara rules.
YARA detection rules for hunting with the threathunting-keywords project
Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Repository that contains a set of purposefully erroneous Yara rules.
Collection of YARA signatures from individual research
YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
The goal of this program is to quickly pull and install repos from its list
A set of YARA rules for the AIL framework to detect leak or information disclosure
A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-systems.com/
Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-strike/sleep-mask-kit-iocs
Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.
Factual rules are YARA rules to find legitimate software on raw disk acquisition.
IDA plugin for YARA signature creation