mirror of https://github.com/valitydev/signature-base.git synced 2024-11-06 18:15:20 +00:00

Signature base for my scanner tools

Go to file

Florian Roth 5f17ceeb5e APT xRAT http://blog.trendmicro.com/trendlabs-security-intelligence/untangling-the-patchwork-cyberespionage-group/		2017-12-12 01:00:00 +01:00
iocs	False Positive Reduction	2017-12-12 00:59:36 +01:00
misc	Updated File Type Signatures	2017-07-13 08:01:57 -06:00
threatintel	Put the threat intel receivers under the Apache License	2017-11-23 22:04:51 +01:00
vendor/yara	Added AirBnb / BinaryAlert YARA rules in new vendor directory	2017-10-20 11:21:49 +02:00
yara	APT xRAT	2017-12-12 01:00:00 +01:00
.gitignore	Travis Tests and makefile	2017-08-11 16:00:44 +02:00
.travis.yml	Travis Tests and makefile	2017-08-11 16:00:44 +02:00
build-rules.py	Travis test script	2017-08-07 14:23:03 +02:00
LICENSE	Initial commit	2016-02-15 10:16:53 +01:00
makefile	Makefile adjusted to reflect prebuilt YARA 3.6.2 features	2017-08-15 21:14:31 +02:00
README.md	Build image in README	2017-08-07 14:25:11 +02:00

README.md

Signature-Base

signature-base is a submodule for my scanner tools LOKI and SPARK

Directory Structure

iocs - Simple IOC files (CSV)
yara - YARA rules
threatintel - Threat Intel API Receiver (MISP, OTX)
misc - Other input files (not IOCs or signatures)

License

The signature-base repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This signature-base is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICLAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with the signature-base repository. If not, see http://www.gnu.org/licenses/.