Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/m0n4/YARA-Matches-Correspondance-Array

A tool designed to help writing and updating YARA rules.
https://github.com/m0n4/YARA-Matches-Correspondance-Array

cti yara

Last synced: 3 months ago
JSON representation

A tool designed to help writing and updating YARA rules.

Host: GitHub
URL: https://github.com/m0n4/YARA-Matches-Correspondance-Array
Owner: m0n4
License: mit
Created: 2022-01-31T18:43:00.000Z (almost 3 years ago)
Default Branch: main
Last Pushed: 2022-02-06T16:27:19.000Z (almost 3 years ago)
Last Synced: 2024-04-20T18:49:56.297Z (7 months ago)
Topics: cti, yara
Language: Python
Homepage:
Size: 190 KB
Stars: 2
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# YARA Matches Correspondance Array

YMCA is designed for threat hunters, incident responders, security analysts or anyone writing detection or hunting rules.
This tool focuses exclusively on the strings section of the rules.
It visually presents the correspondences between a ruleset and a collection of samples.

## Usage
- Download and run the standalone binary ([Linux](https://github.com/m0n4/YARA-Matches-Correspondance-Array/releases/tag/Linux) / [Windows](https://github.com/m0n4/YARA-Matches-Correspondance-Array/releases/tag/Windows))
- Head to [localhost:4449](http://localhost:4449/)

## Use Case
- To have a complete view of the coverage of a new rule.
- To review the accuracy of an existing rule at the start of a new campaign.

## Screenshot
![Screenshot](https://user-images.githubusercontent.com/29152432/151853523-c7154cc9-38e2-4124-a719-6b82ef466c9f.png)