Yara rules collection
2022-12-10 23:20:0 Author: bartblaze.blogspot.com

Quite a while ago, I published some of my private Yara rules online, on GitHub.

They can be found here:

https://github.com/bartblaze/Yara-rules

There are two workflows running on that GitHub repository:

  • YARA-CI: runs automatically to detect signature errors, as well as false positives and negatives.
  • Package Yara rules: allows download of a complete rules file (all Yara rules from this repo in one file) for convenience from the Actions tab > Artifacts (see image below).

image
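
A minimal sketch of the packaging step described above, added here as an example; it is not the repository's own workflow code. It merges rule files into one file, hoists `import` lines to the top, and refuses to write the bundle when two files declare the same rule name, since a duplicated identifier fails to compile once everything is combined. The folder layout, file names and rule names in the sample tree are constructed.

```python
import re
import tempfile
from pathlib import Path

# Heuristic patterns: a rule declaration (optional private/global) and an import line.
RULE_DECL = re.compile(r"^[ \t]*(?:(?:private|global)\s+)*rule\s+([A-Za-z_]\w*)", re.M)
IMPORT = re.compile(r'^[ \t]*import[ \t]+"(\w+)"[ \t]*$', re.M)

def strip_comments(text):
    """Remove /* */ and // comments so commented-out rules are not counted."""
    text = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    return re.sub(r"//[^\n]*", "", text)

def package_rules(root, out_file):
    """Merge .yar/.yara files under root into out_file; return (count, duplicates)."""
    root = Path(root)  # keep out_file outside root so a rerun does not re-read it
    seen, duplicates, imports, bodies = {}, {}, {}, []
    for path in sorted(p for p in root.rglob("*") if p.suffix in (".yar", ".yara")):
        rel, text = str(path.relative_to(root)), path.read_text(encoding="utf-8")
        for name in RULE_DECL.findall(strip_comments(text)):
            if name in seen:  # same identifier declared earlier: record both files
                duplicates.setdefault(name, [seen[name]]).append(rel)
            else:
                seen[name] = rel
        imports.update(dict.fromkeys(IMPORT.findall(text)))  # ordered, de-duplicated
        bodies.append(f"// ---- {rel} ----\n{IMPORT.sub('', text).strip()}\n")
    if not duplicates:  # write the bundle only when every rule name is unique
        header = "".join(f'import "{m}"\n' for m in imports)
        Path(out_file).write_text(header + "\n" + "\n".join(bodies), encoding="utf-8")
    return len(seen), duplicates

def demo():
    """Build a constructed sample tree, package it, then add a clashing rule."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "rules")
        samples = {  # constructed rules; folder names follow the page's categories
            "Generic/a.yar": 'import "pe"\nrule Demo_A { condition: pe.number_of_sections > 0 }\n',
            "Hacktools/b.yar": 'import "pe"\n// rule Demo_A { condition: false }\n'
                               "rule Demo_B { condition: true }\n",
        }
        for rel, text in samples.items():
            (root / rel).parent.mkdir(parents=True, exist_ok=True)
            (root / rel).write_text(text, encoding="utf-8")
        ok = package_rules(root, Path(tmp, "all_rules.yar"))
        merged = Path(tmp, "all_rules.yar").read_text(encoding="utf-8")
        (root / "Generic/c.yar").write_text("rule Demo_B { condition: false }\n", encoding="utf-8")
        clash = package_rules(root, Path(tmp, "clash.yar"))
        return ok, merged, clash, Path(tmp, "clash.yar").exists()
```

The name scan is regex-based, so it is a pre-check rather than a substitute for compiling the merged file with YARA.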

The Yara rules are divided into:

  • APT
  • Crimeware
  • Generic
  • Hacktools
  • Ransomware

Furthermore, the rules work natively with AssemblyLine because they adopt the CCCS Yara rule standard.

PRs are welcome where you see fit.


Source: https://bartblaze.blogspot.com/2022/12/yara-rules-collection.html