If you’re on the hunt for YARA rules, let me be your guide to some invaluable resources. The directories I’ve rounded up for you here are bursting with a variety of YARA rules. They span a broad spectrum of categories, from malware and phishing kits, to phishing pages and beyond.
Phishing kits and Phishing
Craving some top-notch YARA rules for phishing detection? Then you simply must check out this repository. It’s brimming with over 50 tailor-made YARA signatures, all laser-focused on spotting phishing attacks.
Malware and APT
For those who are focused on malware and Advanced Persistent Threats (APTs), I recommend exploring this extensive YARA rules repository. It’s a treasure trove of YARA signatures specifically developed to combat malware and APTs.
When it comes to sifting through emails for potential threats, you’ll find this repository to be an indispensable ally. It houses a broad array of YARA rules honed to identify malicious content in emails. Whether it’s phishing scams or malware-laden attachments, these YARA signatures are a vital addition to your cybersecurity toolkit.
Just Dork Around
Did you know that Google also indexes .YAR files, so you can search for them with special queries like this one
site:cisa.gov filetype:yar. If you use this one, you will get the following result. Now imagine if you change the query a bit.
Done reading? You might enjoy: