Rapid7-Labs
Threat detection library
A curated collection of threat intelligence rules and indicators for detecting malware and other security threats.
Rapid7 Labs operates as the division of Rapid7 focused on threat research. It is renowned for providing comprehensive threat intelligence, research and analytics.
54 stars
8 watching
15 forks
Language: YARA
last commit: 6 days ago
Linked from 1 awesome list
Related projects:
| Repository | Description | Stars |
|---|---|---|
 cluster25/detection | A collection of threat detection rules written in YARA | 13 |
 advanced-threat-research/yara-rules | A collection of rules to detect and prevent malware infections using YARA-based threat intelligence | 573 |
 sk4la/plast | A modular threat-hunting tool framework for detecting indicators of compromise in incident-response operations. | 17 |
 strangerealintel/dailyioc | Automated threat intelligence collection from articles and tweets, utilizing YARA patterns | 312 |
 kasperskylab/klara | Helps Threat Intelligence researchers hunt for new malware by efficiently scanning large collections of files with Yara rules | 698 |
 threathuntingproject/threathunting | An informational repository providing resources and knowledge for detecting adversaries in IT environments. | 1,726 |
 aptnotes/data | A repository of publicly-available papers and blogs related to malicious campaigns and APT groups, providing a centralized location for tracking and summarizing threat intelligence data. | 1,665 |
 a3sal0n/cyberthreathunting | A collection of tools and resources for threat hunters to identify and respond to cyber threats. | 861 |
 datadog/threatest | Tools for testing and verifying threat detection rules | 322 |
 securitymagic/yara | A collection of YARA rules for detecting malware and suspicious activity in various environments. | 11 |
 inquest/threatingestor | Extracts and aggregates threat intelligence from various sources | 836 |
 inodee/threathunting-spl | Provides Splunk code and prototypes for building rules and queries to detect malicious activity | 268 |
 threatexpress/red-team-scripts | A collection of tools and scripts used by red teamers to gather information about compromised systems. | 1,113 |
 svdwi/bluebox | Analyzes and enriches threat intelligence data from various sources to help detect malicious files, URLs, and domains. | 39 |
 yelp/threat_intel | Provides APIs for threat intelligence data from Umbrella Investigate and other sources | 275 |