Premade YARA rules for hunting

If you’re on the hunt for YARA rules, let me be your guide to some invaluable resources. The directories I’ve rounded up for you here are bursting with a variety of YARA rules. They span a broad spectrum of categories, from malware and phishing kits, to phishing pages and beyond.


Phishing kits and Phishing

Craving some top-notch YARA rules for phishing detection? Then you simply must check out this repository. It’s brimming with over 50 tailor-made YARA signatures, all laser-focused on spotting phishing attacks.


Malware and APT

For those who are focused on malware and Advanced Persistent Threats (APTs), I recommend exploring this extensive YARA rules repository. It’s a treasure trove of YARA signatures specifically developed to combat malware and APTs.


Email

When it comes to sifting through emails for potential threats, you’ll find this repository to be an indispensable ally. It houses a broad array of YARA rules honed to identify malicious content in emails. Whether it’s phishing scams or malware-laden attachments, these YARA signatures are a vital addition to your cybersecurity toolkit.


Just Dork Around

Did you know that Google also indexes .YAR files? You can search for them with special queries like this one: site:cisa.gov filetype:yar. If you use this one, you will get the following result. Now imagine if you change the query a bit.

Cisa.gov showing YARA rule

Reza Rafati https://cyberwarzone.com

Reza Rafati, based in the Netherlands, is the founder of Cyberwarzone.com. An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolstering digital defenses and promoting cyber awareness.
