Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/ditekshen/detection
Detection in the form of Yara, Snort and ClamAV signatures.
clamav detection ioc rules signatures snort yara
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/ditekshen/detection
- Owner: ditekshen
- License: other
- Created: 2020-05-31T16:16:36.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2024-11-01T06:30:17.000Z (about 1 month ago)
- Last Synced: 2024-11-01T07:23:55.593Z (about 1 month ago)
- Topics: clamav, detection, ioc, rules, signatures, snort, yara
- Language: YARA
- Homepage:
- Size: 2.79 MB
- Stars: 206
- Watchers: 15
- Forks: 40
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE.txt
Awesome Lists containing this project
- awesome-yara - Ditekshen Rules
README
# Detection and Hunting Signatures
A set of interrelated network and host detection rules intended to improve detection and hunting visibility and context. Where applicable, each Snort rule includes metadata indicating the corresponding Yara and ClamAV rules, each Yara signature includes metadata pointing to the corresponding Snort and ClamAV rules, and so on.
## Supported Rules
Currently, Snort 3, Yara and ClamAV rules are supported. Additional signatures and formats are a work in progress.
## Scripts
Currently, the only scripts available aid in auto-generating hash-based and certificate-based Yara rules.