Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/ditekshen/detection

Detection in the form of Yara, Snort and ClamAV signatures.
https://github.com/ditekshen/detection

clamav detection ioc rules signatures snort yara

Last synced: 3 months ago
JSON representation

Detection in the form of Yara, Snort and ClamAV signatures.

Host: GitHub
URL: https://github.com/ditekshen/detection
Owner: ditekshen
License: other
Created: 2020-05-31T16:16:36.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2024-06-08T08:46:45.000Z (5 months ago)
Last Synced: 2024-06-08T09:49:32.719Z (5 months ago)
Topics: clamav, detection, ioc, rules, signatures, snort, yara
Language: YARA
Homepage:
Size: 2.37 MB
Stars: 184
Watchers: 15
Forks: 38
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE.txt

Awesome Lists containing this project

awesome-yara - Ditekshen Rules

README

# Detection and Hunting Signatures

A set of interrelated network and host detection rules with the aim of improving detection and hunting visibility and context. Where applicable, each Snort rule includes metadata indicating the corresponding Yara and ClamAV rules, and each Yara signature also includes metadata to the corresponding Snort and ClamAV rules, and so on.

## Supported Rules

Currently, Snort 3, Yara and ClamAV rules are supported. Additional singatures and formats are work in progress.

## Scripts

Currently, only scripts available are used to aid in auto-generation of hash-based and certificate-based Yara rules.