A curated list of awesome YARA rules, tools, and people.
Updated Nov 15, 2024
ReversingLabs YARA Rules
A collection of YARA rules we wish to share with the world, most probably referenced from http://blog.inquest.net.
Collection of private Yara rules.
Extracted Yara rules from Windows Defender mpavbase and mpasbase
Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
YARA detection rules for hunting with the threathunting-keywords project
Repository that contains a set of purposefully erroneous Yara rules.
YaraSploit is a collection of Yara rules generated from Metasploit framework shellcodes.
Collection of YARA signatures from individual research
The goal of this program is to quickly pull and install repos from its list
A set of YARA rules for the AIL framework to detect leak or information disclosure
A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-systems.com/
Factual rules are YARA rules to find legitimate software on raw disk acquisition.
Welcome to the Pressidium® Yara Rules repository. This section contains a carefully curated collection of Yara rules specifically designed to detect and prevent WordPress or PHP malware and viruses, ensuring a safer online environment.
Just a git repo for the sleepmask detection rule I found in https://codex-7.gitbook.io/codexs-terminal-window/blue-team/detecting-cobalt-strike/sleep-mask-kit-iocs
IDA plugin for YARA signature creation