Neo23x0/signature-base
YARA signature and IOC database for my scanners and tools
Other
2.47k stars
604 forks
issues
changes to old rules
#278
Neo23x0
closed
1 year ago
0
another Citrix netscaler rule (ext vars)
#277
Neo23x0
closed
1 year ago
0
Update airbnb_binaryalert.yar
#276
Neo23x0
closed
1 year ago
0
Turla IOCs
#275
Neo23x0
closed
1 year ago
0
Citrix Netscaler filename IOCs
#274
Neo23x0
closed
1 year ago
0
Create expl_citrix_netscaler_adc_exploitation_cve_2023_3519.yar
#273
Neo23x0
closed
1 year ago
0
False positive in hacktool_windows_mimikatz_modules rule?
#272
jcrg-rj
opened
1 year ago
0
Generic JSP Webshell false negative
#271
orapic
opened
1 year ago
1
Rename vuln_keepass_brute_forceable.yar to vuln_keepass_brute_forcibl…
#270
Neo23x0
closed
1 year ago
0
Create vuln_keepass_brute_forceable.yar
#269
ruppde
closed
1 year ago
0
Update certificates for ducktail rule
#268
dr4k0nia
closed
1 year ago
0
fix: FP found in testing
#267
phantinuss
closed
1 year ago
0
Update mal_ducktail_compromised_certs_jun23.yar
#266
dr4k0nia
closed
1 year ago
0
fix: FPs found in testing
#265
phantinuss
closed
1 year ago
0
feat: add new rule related to moveit exploitation
#264
nasbench
closed
1 year ago
2
fix: FPs found in testing environment
#263
phantinuss
closed
1 year ago
0
Yar file detected as suspicious file in Window
#262
knowpage
opened
1 year ago
0
Create susp_vulndriver_hp_hardware_diagnostics_etdsupp_may23.yar
#261
X-Junior
closed
1 year ago
0
fix: FP with THORs representation of multivalue registry keys
#260
phantinuss
closed
1 year ago
0
Suggestion: remove due to regular FPs
#259
phantinuss
closed
1 year ago
0
fix: FPs found in customer env
#258
phantinuss
closed
1 year ago
0
Update gen_github_net_redteam_tools_guids.yar
#257
ruppde
closed
1 year ago
0
Create apt_lazarus_gopuram.yar
#256
ruppde
closed
1 year ago
0
Update gen_webshells.yar
#255
ruppde
closed
1 year ago
2
Update thor-hacktools.yar
#254
ruppde
closed
1 year ago
0
Update c2-iocs.txt
#253
ruppde
closed
1 year ago
0
Added IPM.Appointment to TNEF rule
#252
3c7
closed
1 year ago
0
Update gen_imphash_detection.yar
#251
ruppde
closed
1 year ago
0
Create gen_malware_by_imphash_and_rich_pe_header_hash.yar
#250
ruppde
closed
1 year ago
1
expl_outlook_cve_2023_23397.yar syntax error
#249
celevra
opened
1 year ago
3
Update expl_outlook_cve_2023_23397.yar
#248
ruppde
closed
1 year ago
1
Update gen_github_net_redteam_tools_guids.yar
#247
ruppde
closed
1 year ago
0
How to run this
#246
HackersBun
opened
1 year ago
2
[CVE-2023-23397] Add rule variant for SMTP/EML files
#245
3c7
closed
1 year ago
0
Update expl_outlook_cve_2023_23397.yar
#244
ruppde
closed
1 year ago
0
Added Transport Neutral Encapsulation Format (TNEF) for CVE-2023-23397
#243
3c7
closed
1 year ago
0
PR for ruppde commit f73abca
#242
3c7
closed
1 year ago
0
Update expl_outlook_cve_2023_23397.yar
#241
3c7
closed
1 year ago
1
fix: add HTTP return code for unauthorized
#240
phantinuss
closed
1 year ago
0
Find driver signed by suspicious company (see references)
#239
ruppde
closed
1 year ago
0
Update gen_mimikatz.yar
#238
ruppde
closed
1 year ago
0
VT thor comments break on semicolon
#237
ruppde
closed
1 year ago
1
fix: remove FP hashes file
#236
secDre4mer
closed
1 year ago
0
Yara rule for TinyShell
#235
nfsec
closed
1 year ago
1
new rules
#234
ruppde
closed
1 year ago
0
add HKTL_Python_sectools
#233
ruppde
closed
1 year ago
0
chore: change meta data file=type to tagging as FILE
#232
phantinuss
closed
1 year ago
0
refactor: changes due to yaraQA
#231
Gude5
closed
1 year ago
0
improve runtime performance of rule in bulk scanning
#230
phantinuss
closed
1 year ago
0
fix: FP with mitre json
#229
phantinuss
closed
1 year ago
0