Florian Roth

YARA signature and IOC database for my scanners and tools

A YARA rule generator

yarGen is a generator for YARA rules

🐍 High-performance, multi-threaded YARA & IOC scanner

A repository of sysmon configuration modules

Loki - Simple IOC and YARA Scanner

Best Practice Auditd Configuration

A list of my personal projects

A specification and style guide for YARA rules

A Simple Ransomware Vaccine

Detector for Log4Shell exploitation attempts

Yara Rule Analyzer and Statistics

Simple Bash IOC Scanner

A guide on how to write fast and memory friendly YARA rules

Slides of my public talks

Online hash checker for Virustotal and other services

God Mode Detection Rules

Awesome VirusTotal Intelligence Search Queries

Lightweight macOS baseline checks - collect config signals and send them as JSON to your SIEM

Detection Script for MongoBleed Exploitation

YARA rule analyzer to improve rule quality and performance

AI agent skill to generate YARA rules from malware samples using yarGen-Go. Manages goodware databases, supports CLI and API for rule generation, and integrates with yarGen web server. Use when generating YARA rules, managing goodware databases, creating custom string/opcode databases, or interacting with yarGen web API.

A harmless Netcat-lookalike for detection testing. Simulates NC-style command-line flags and listener behavior without exposing a real backdoor or shell.

Pattern Extractor for Obfuscated Code

PE Import Hash Generator

Scanner for Regin Virtual Filesystems

Log Entry to Sigma Rule Converter

AI agent skill for VirusTotal API v3 — query hashes, investigate IOCs, search VT Intelligence, and manage YARA Livehunt/Retrohunt

A neon-drenched terminal UI for MoltBot with Tamagotchi vibes. Live monitoring, 10 themes, and a robot that talks back.

Aggregated SHA-256 and SHA-1 checksums for Notepad++ release assets - collected from official GitHub release checksum files.