Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/codewatchorg/Burp-Yara-Rules
Yara rules to be used with the Burp Yara-Scanner extension
Last synced: 3 months ago
- Host: GitHub
- URL: https://github.com/codewatchorg/Burp-Yara-Rules
- Owner: codewatchorg
- Created: 2016-06-27T16:03:34.000Z (over 8 years ago)
- Default Branch: master
- Last Pushed: 2022-01-26T14:51:44.000Z (almost 3 years ago)
- Last Synced: 2024-07-30T20:31:11.991Z (3 months ago)
- Language: YARA
- Size: 80.1 KB
- Stars: 42
- Watchers: 7
- Forks: 21
- Open Issues: 0
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-yara - Burp YARA Rules
README
Burp-Yara-Rules
========

## Description
Yara rules to be used with the Burp Yara-Scanner extension

## Introduction
Burp-Yara-Rules is a collection of Yara rules built from malicious code samples found on the Internet, in addition to Yara rules created by third parties that identify malicious software commonly found hosted on websites. The rules are intended to be used with the Burp Yara-Scanner extension found here: https://github.com/PolitoInc/Yara-Scanner. The goal is to identify infected web pages during a web application assessment.

## Usage
Add the Yara-Scanner extension within Burp (follow the directions at the Yara-Scanner link above). Then use the all.yar rules file, which combines all rules in this repository into a single file.

## Additional Details
The Yara rules in this repository were found by searching the Internet for rules that detect common exploit kits, as well as by running the YaraGenerator (https://github.com/Xen0ph0n/YaraGenerator/) against downloaded exploit kit samples. The rules look for:
* Signs of infection in HTML code
* Signs of infection in JavaScript code
* Signs of infection in CSS code
* Detection of infected JAR files
* Detection of infected PDF files
* Detection of infected SilverLight XAP files
* Detection of infected Flash SWF files