paulmataruso/main
1
0
Fork 0
mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-10-23 08:12:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3225f8487498fb8e115597ae2fe3787629b6e9ff
main/Yara
History
SOCFortress a80a563c40 Update README.md
2022-08-20 09:36:22 -05:00
..
200100-yara_rules.xml
Create 200100-yara_rules.xml
2022-08-08 22:34:17 -05:00
README.md
Update README.md
2022-08-20 09:36:22 -05:00
yara_decoders.xml
Create yara_decoders.xml
2022-08-18 10:37:32 -05:00
yara_full_scan.sh
Update yara_full_scan.sh
2022-08-20 09:34:55 -05:00

README.md

YARA Integration Awesome

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strings and a boolean expression which determine its logic.

Must have YARA installed on your endpoints

MIT License LinkedIn your-own-soc-free-for-life-tier

YARA Github

Set your YARA scan to run at set intervals by incorporating a Cronjob to run the yara_full_scan.sh script.

Need Help?

SOCFortress - LinkedIn - info@socfortress.co

Let SOCFortress Professional Services Take Your Open Source SIEM to the Next Level

Banner