This repository contains a curated collection of Sigma & Yara rules and Indicators of Compromise (IOCs) shared by Rapid7 Labs. These resources are part of our ongoing efforts to enhance cybersecurity awareness and defense strategies.
Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence, research and analytics.
To get started with the Yara & Sigma rules in this repository, follow these steps:
-
Clone the Repository:
git clone https://github.com/rapid7/Rapid7-Labs.git
-
Explore IOC, Yara,and Sigma Rules: Browse through the various IOCs, Yara,and Sigma rules available in the repository. Each rule is designed to identify specific malware characteristics.
Currently, this repository offers:
- Sigma Rules: Detailed Sigma rules for threat detection. See Sigma folder.
- Yara Rules: Yara rules for identifying malware patterns. See Yara folder.
- Indicators of Compromise: A comprehensive list of IOCs associated with various threats. See IOCs folder.
We welcome contributions from community to enhance and expand the Yara rule set. To contribute:
- Fork the repository.
- Create a new branch for your changes.
- Make your changes and ensure they align with the contribution guidelines.
- Submit a pull request for review.
This repository is licensed under the MIT License. By contributing to this project, you agree to the terms and conditions outlined in the license.
Thank you for using the Rapid7 Labs Repository. If you have any questions or issues, feel free to open an issue or reach out to the repository maintainers. Happy hunting!