-
## Description suggestions
Is there any way to use remote rule-sets as per instructions in [github.com/Chocolate4U/Iran-sing-box-rules?tab=readme-ov-file#sing-box-core](https://github.com/Chocolate…
-
Hi,
did a test drive with your YARA rules and while they find malware and nasty things, they just produce too many false positives to be usable. The ReactOS live CD has 144 hits, the /usr/sbin of …
-
I noticed when I scanned 14 EXEs all of the same malware family it outputted a rule for each EXE and none of the detections were that similar. Is there a way to create an overall rule based on the ma…
-
I am using Wazuh version v4.9.0
--
I have tried to integrate Wazuh CDB with VirusShare MD5 hash to match Sysmon events. Since VirusShare has a very large size, I have split it into 12 files. However,…
-
### Describe the bug
We've recently gotten a deluge of malware alerts from VirusTotal and its scanners and even third parties (ReversingLabs) flagging certain versions of the AWS CLI as malware. So…
-
Hey Unam, so at the moment there are 68 members in the @UnamGroup on Telegram, and although the group isn't overflowing with activity 😅, we still have a nice community going. I, and many others, would…
-
Thank you for the awesome tool! The generated regexes can be very useful when converted into YARA rules for quickly searching for variants of malware samples. It would be helpful to have support for i…
-
### Description
We are creating 8 new, optional, Elastic Defend (Endpoint) promotion rules (https://github.com/elastic/security-team/issues/6287). These will be 4 Detection & 4 Prevention rules for …
-
### Use case
The old JMeter Google Group has been corrupted since April 2024 by tens of thousands of spam and fake accounts created by bots.
I reported thousands of spam messages to Google Group.
JMeter Google…
-
* [ ] Remove YARA files that have all of their rules blacklisted
* [ ] Remove the blacklist entries
* [ ] Consider how to utilize [YARA Forge](https://yarahq.github.io/)
* Challenging as th…