Triển khai hệ thống SIEM bằng Wazuh nhằm phát hiện, và ứng phó với các mối đe dọa an ninh mạng. Hệ thống tích hợp Suricata và Yara để giám sát tính toàn vẹn của tệp, phát hiện và tự động ngăn chặn...

costrict-plugins mirror of trailofbits-trailofbits-yara-authoring (auto-generated, do not edit) - costrict-plugins-repo/trailofbits-trailofbits-yara-authoring

MCP server wrapping the YARA pattern-matching engine for binary triage: compile user-supplied rule directories and scan - Heretek-RE/re-yara

MCP server for authoring YARA rules from binary samples: distinctive feature extraction, candidate ranking, rule emissio - Heretek-RE/re-yara-author

Sigma-Anchored Node Test Apparatus. Contribute to mwaddip/santa development by creating an account on GitHub.

A wrapper around yara-python built specifically for the Analysis Correlation Engine (ACE). - unixfreak0037/yara_scanner_v2

AI-authored YARA + Snort/Suricata detection rules for current malware campaigns and vulnerabilities. Each rule ships with reproducible specimens, structurally-similar benign cases, and a test trans...

An enterprise-grade Cybersecurity Forensics Platform designed for Security Operations Centers (SOC). Features an advanced React dashboard, high-fidelity YARA/Volatility memory analysis, and large-s...

Universal Detection Rule Converter — YARA ↔ Sigma ↔ Suricata with Multi-SIEM Output - stephennotw/SigmaForge

smart YARA its tools for make malware analysis . Contribute to mokhtarnine/Smart-YARA-Rule-Generator development by creating an account on GitHub.

An more feature rich version of Git-MalScan with Yara rule intergration, automatic archive unpacking, and optional virustotal scans. - Net-Zer0/Git-MalScanYara

The pattern matching swiss knife. Contribute to VirusTotal/yara development by creating an account on GitHub.

A local-first Detection Intelligence & Entity Correlation Engine that transforms Sigma rule matches into explainable attack-chain narratives with entity risk tracking, behavioral correlatio...

Detection-as-code: Sigma, Falco, and Panther rules with pytest validation and per-rule decision documentation. - ryoshu404/pydetect

Aradbase-YARA is a research-focused repository containing YARA rules developed for detecting and studying active malware families. - bay-ar4fah/Aradbase-yara

AZUL plugins for indexing and querying historical samples with yara queries. - AustralianCyberSecurityCentre/azul-plugin-retrohunt

PyScan is a lightweight Python-based malware analysis tool that performs real-time monitoring and static analysis of files in quarantine folders. It uses entropy analysis, metadata extraction, hash...

Conditional inference trees for Python. Contribute to arschitectura/sigma development by creating an account on GitHub.

Yarek is an CLI tool to manage, build, and test a YARA-X rule library - W3ndige/Yarek

Daily Sigma and Splunk detection-rule monitor — posts to Discord and uploads reports to GitHub - McSloats/RuleRadar