Signature base for my scanner tools
Go to file
2017-08-11 16:00:29 +02:00
iocs Agent.BTZ filename IOCs 2017-08-07 14:52:34 +02:00
misc Updated File Type Signatures 2017-07-13 08:01:57 -06:00
threatintel More white listed IOCs 2017-04-14 14:32:38 +02:00
yara Disabled rule using feature that isn't available in prebuild YARA 3.5.0 2017-08-11 16:00:29 +02:00
.gitignore Signature Update October 2016 A 2016-10-09 11:33:29 +02:00
.travis.yml Travis build notifications 2017-08-07 14:28:35 +02:00
build-rules.py Travis test script 2017-08-07 14:23:03 +02:00
LICENSE Initial commit 2016-02-15 10:16:53 +01:00
README.md Build image in README 2017-08-07 14:25:11 +02:00

Build Status

Signature-Base

signature-base is a submodule for my scanner tools LOKI and SPARK

Directory Structure

  • iocs - Simple IOC files (CSV)
  • yara - YARA rules
  • threatintel - Threat Intel API Receiver (MISP, OTX)
  • misc - Other input files (not IOCs or signatures)

License

The signature-base repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This signature-base is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICLAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with the signature-base repository. If not, see http://www.gnu.org/licenses/.