
EthicalSecurity-Agency/1aN0rmus_Yara

 
 


Information

Not all of these have been fully tested, so keep that in mind. They work for my purposes, and they should also work for yours.

I'll add more info when I get some time...

EXE

These are rules for detecting some malicious EXEs.

RTF

These are rules for detecting some malicious RTFs.

WEB

There are rules to run against web logs (possible FPs) as well as some for detecting webshells. The HTML, GIF, and PHP ones work really well.

PCAPs

For now this is just to search VirusTotal for uploaded PCAPs for intel gathering.

Special Thanks

Special thanks to VirusTotal for setting me up with a researcher account so I can test these YARA rules before I pass them off to the public for consumption. Much appreciated.
