mirror of https://github.com/valitydev/signature-base.git synced 2024-11-06 18:15:20 +00:00

Signature base for my scanner tools

Go to file

Florian Roth e58a67f5ad False Positive Reduction		2017-12-19 01:36:08 +01:00
iocs	OTX filename and hash IOC update Dec 17 1	2017-12-16 13:22:06 +01:00
misc	Updated File Type Signatures	2017-07-13 08:01:57 -06:00
threatintel	Various changes, SIEM export options extended by Scott Carpenter	2017-12-16 13:20:50 +01:00
vendor/yara	Added AirBnb / BinaryAlert YARA rules in new vendor directory	2017-10-20 11:21:49 +02:00
yara	False Positive Reduction	2017-12-19 01:36:08 +01:00
.gitignore	Travis Tests and makefile	2017-08-11 16:00:44 +02:00
.travis.yml	Travis Tests and makefile	2017-08-11 16:00:44 +02:00
build-rules.py	Travis test script	2017-08-07 14:23:03 +02:00
LICENSE	Initial commit	2016-02-15 10:16:53 +01:00
makefile	Makefile adjusted to reflect prebuilt YARA 3.6.2 features	2017-08-15 21:14:31 +02:00
README.md	Build image in README	2017-08-07 14:25:11 +02:00

README.md

Signature-Base

signature-base is a submodule for my scanner tools LOKI and SPARK

Directory Structure

iocs - Simple IOC files (CSV)
yara - YARA rules
threatintel - Threat Intel API Receiver (MISP, OTX)
misc - Other input files (not IOCs or signatures)

License

The signature-base repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This signature-base is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICLAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with the signature-base repository. If not, see http://www.gnu.org/licenses/.