Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools
Other
2.49k stars
604 forks
issues
Issue | Title | Author | Status | Comments
#328 | Help | tmorganPDC | closed 3 weeks ago | 0
#327 | feat: new rule related to inc ransomware | X-Junior | closed 1 month ago | 0
#326 | Add perfctl rootkit to IOCs (C2, hashes, filenames) | helix-loop | closed 1 month ago | 0
#325 | gen_anydesk_compromised_cert_feb23 is bullshit in case of older binary | lhpitn | closed 2 months ago | 6
#324 | fix fp in Suspicious_Size_taskhost_exe | ruppde | opened 5 months ago | 0
#323 | fix fp in Suspicious_Size_firefox_exe | ruppde | opened 5 months ago | 0
#322 | Undefined identifier "owner" in yara_mixed_ext_vars.yar line 391 | vitusb | opened 5 months ago | 0
#321 | Update RegEx Patterns for YARA-X Compatibility | ForensicITGuy | closed 6 months ago | 2
#320 | Update vuln_paloalto_cve_2024_3400_apr24.yar | mgreen27 | opened 6 months ago | 0
#319 | False positive Trojan:Script/Phonzy.A!ml | groupecraft | opened 7 months ago | 0
#318 | Update configured_vulns_ext_vars.yar | ruppde | closed 7 months ago | 0
#317 | False Positive in Rule WEBSHELL_PHP_Dynamic_Big | gotmls | opened 7 months ago | 3
#316 | fix: more generic FPs | phantinuss | closed 7 months ago | 0
#315 | feat: EXT_SUSP_GObfuscate_May21 modification | pH-T | closed 7 months ago | 0
#314 | Update bkdr_xz_util_cve_2024_3094.yar | ruppde | closed 7 months ago | 0
#313 | Added rule detecting backdoored liblzma | 3c7 | closed 7 months ago | 1
#312 | fix some regex and add *.swp to .gitignore | ruppde | closed 8 months ago | 0
#311 | Update LICENSE | Neo23x0 | opened 8 months ago | 0
#310 | Create MacOS_RustDoor_Malware.yar | raid-sailor | closed 7 months ago | 0
#309 | False positive for the WEBSHELL_PHP_Dynamic_Big rule | vsushkov | closed 9 months ago | 2
#308 | False positive with getgo readme | Fryyyyy | closed 7 months ago | 1
#307 | feat: new rules related to Peach Sandstorm APT | X-Junior | closed 9 months ago | 0
#306 | Inserting new unpacked IcedID detection signature - crime_icedid.yar file | Icaro-Cesar | closed 6 months ago | 0
#305 | Invalid MD5 entry | SkewedZeppelin | closed 11 months ago | 1
#304 | fix: FP with Windows server 2k8 | phantinuss | closed 11 months ago | 0
#303 | gen_mal_3cx_compromise_mar23.yar | DYarizadeh | opened 11 months ago | 1
#302 | Create mal_fake_document_software.yar | cod3nym | closed 11 months ago | 0
#301 | refactor: change uuid to id | Neo23x0 | closed 11 months ago | 0
#300 | UUID inserts | Neo23x0 | closed 11 months ago | 0
#299 | feat: UUIDs generate with yara-uuid-generator | Neo23x0 | closed 11 months ago | 0
#298 | Update gen_webshells.yar | ruppde | closed 9 months ago | 0
#297 | Update gen_github_net_redteam_tools_guids.yar | ruppde | closed 9 months ago | 4
#296 | fix: Remove Rule with too many FPs | humpalum | closed 1 year ago | 0
#295 | fix: variable in condition | phantinuss | closed 1 year ago | 1
#294 | fix: FP with WhatsApp default location | phantinuss | closed 1 year ago | 0
#293 | How to fix undefined identifier filename in Linux | HydraDragonAntivirus | closed 1 year ago | 5
#292 | fix: FP found in customer Env | humpalum | closed 1 year ago | 0
#291 | False Positive Notice - Trojan Characteristics (WhatsApp) | Esky580 | closed 1 year ago | 1
#290 | fix: FPs found in testing env | phantinuss | closed 1 year ago | 0
#289 | Update gen_webshells.yar | ruppde | closed 1 year ago | 0
#288 | Update gen_vcruntime140_dll_sideloading.yar | Neo23x0 | closed 1 year ago | 0
#287 | Update gen_vcruntime140_dll_sideloading.yar | Neo23x0 | closed 1 year ago | 0
#286 | fix: missing pe | Neo23x0 | closed 1 year ago | 0
#285 | Create exploit_cve_2023_38146.yar | MHaggis | closed 1 year ago | 0
#284 | Add gen_vcruntime140_dll_sideloading.yar | cod3nym | closed 1 year ago | 0
#283 | fix missing "end of comment" | phantinuss | closed 1 year ago | 0
#282 | False Positive? | derpeste | closed 1 year ago | 1
#281 | Update mal_ducktail_compromised_certs_jun23.yar | dr4k0nia | closed 1 year ago | 0
#280 | Fix the YARA assembly workflow | 0xThiebaut | closed 1 year ago | 0
#279 | Update expl_citrix_netscaler_adc_exploitation_cve_2023_3519.yar | Neo23x0 | closed 1 year ago | 0