YARA Rules Collection

msticpy is a library for InfoSec investigation and hunting in Jupyter Notebooks with extensive functionality for log data analysis, threat intelligence enrichment, and visualization.

Visit Website

Collection of YARA Signatures from Recent Malware Research

This document presents a collection of YARA signatures derived from recent malware research: - Dacls Trojan Rule: Dacls_Linux.yara - Dacls_Windows.yara - APT32 KerrDown Rule: APT32_KerrDown.yara - ACBackdoor - Linux Build Rule: ACBackdoor_Linux.rule - Unnamed Linux Golang Ransomware Rule: Linux_Golang_Ransomware.rule - KPOT v2 Rule: KPOT_v2.yara - WatchBog Linux Botnet Rule: WatchBog_Linux.yara - EvilGnome Linux Malware Rule: EvilGnome_Linux.yara - APT34 PICKPOCKET Rule: APT34_PICKPOCKET.yara - APT34 LONGWATCH Rule: APT34_LONGWATCH.yara - APT34 VALUEVAULT Rule: APT34_VALUEVAULT.yara

Other AI Tools

OWASP Foundation

Advanced vulnerability assessment tool for gaining visibility and preventing cyber attacks.

Details

OWASP Joomla Vulnerability Scanner

An OSINT tool that generates username lists for companies on LinkedIn for social engineering attacks or security testing purposes.

Details

OWASP Honeypot

Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.

Details