
Elastic Security YARA Rules
#Threat Defense #Threat Management
Real-time, container-based file scanning system for threat hunting and incident response.
Elastic Security Offers Signature-Based YARA Rules for Threat Detection
Elastic Security offers signature-based YARA rules as part of the Elastic Endpoint product. These rules are designed to detect and prevent emerging threats across Linux, Windows, and macOS systems.
The repository contains over 1,000 YARA rules for cybersecurity
The repository contains over 1,000 YARA rules designed to combat threats such as Trojans, ransomware, cryptominers, and more. These rules are useful for network defense, threat hunting, incident response, and malware analysis. We welcome contributions, and all rules are licensed under the Elastic License v2.