From e27f60fa95a8c37aa7ca48d9d1850371ea20e7e5 Mon Sep 17 00:00:00 2001 From: fabacab Date: Tue, 8 Dec 2020 19:54:02 -0500 Subject: [PATCH] Add new subsection for signature packs. --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 5837c00..00c1bcb 100644 --- a/README.md +++ b/README.md @@ -45,6 +45,7 @@ Many cybersecurity professionals enable racist state violence, wittingly or unwi - [Service and performance monitoring](#service-and-performance-monitoring) - [Threat hunting](#threat-hunting) - [Threat intelligence](#threat-intelligence) + - [Threat signature packages and collections](#threat-signature-packages-and-collections) - [Tor Onion service defenses](#tor-onion-service-defenses) - [Transport-layer defenses](#transport-layer-defenses) - [macOS-based defenses](#macos-based-defenses) @@ -307,6 +308,11 @@ See also [awesome-threat-intelligence](https://github.com/hslatman/awesome-threa - [Viper](https://github.com/viper-framework/viper) - Binary analysis and management framework enabling easy organization of malware and exploit samples. - [YARA](https://github.com/VirusTotal/yara) - Tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples, described as "the pattern matching swiss army knife" for file patterns and signatures. +### Threat signature packages and collections + +- [FireEye's Red Team Tool Countermeasures](https://github.com/fireeye/red_team_tool_countermeasures) - Collection of Snort and YARA rules to detect attacks carried out with FireEye's own Red Team tools, first released after FireEye disclosed a breach in December 2020. +- [YARA Rules](https://github.com/Yara-Rules/rules) - Project covering the need for IT security researchers to have a single repository where different Yara signatures are compiled, classified and kept as up to date as possible. + ## Tor Onion service defenses See also [awesome-tor](https://github.com/ajvb/awesome-tor).
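Review bot: The table-of-contents entry added in the first hunk sits at the same list level as the `##` sections (`Threat intelligence`, `Tor Onion service defenses`), but the second hunk adds the target as a `###` heading inside the Threat intelligence section (it precedes `## Tor Onion service defenses`). Either indent the new entry under `- [Threat intelligence](#threat-intelligence)` so the TOC mirrors the heading hierarchy, or promote the heading to `##` if it is meant to be a standalone section; as extracted here the indentation of the `+` line is ambiguous, so please confirm which was intended.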
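Review bot: In the second hunk the YARA Rules entry spells the tool two ways in one sentence ("Yara signatures" alongside the `YARA Rules` link text), while the neighbouring context line uses "YARA" throughout; use the upper-case form consistently. It would also help readers if the new subsection's intro (or each entry) noted that rules from third-party signature packs should be tested for false positives and tuned before they are deployed to production detection, since both linked repositories are community-maintained and updated independently of this list.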