YARAify

YARAify is a platform from abuse.ch and Spamhaus, that allows anyone to scan suspicious files against a large repository of YARA rules to detect malware. Scan suspicious malware samples or process dumps, and explore the database for valuable intelligence. Set alerts to hunt for newly observed files, use APIs for scanning, downloads, and automate bulk queries, and share YARA rules with the community.

Scan a file with YARA »

YARAify data

Browse files

Gain valuable insights and search for files on the YARAify database.

Access database »

Share YARA rules

Hunt for suspicious files and share YARA rules with the community on YARAhub.

Access YARAhub »

ThreatFox API

Integrate intel from ThreatFox into your SIEM or threat intel platform using the API.

Access API »

Spamhaus datasets enhanced by YARAify

Access Spamhaus’ datasets, enriched with malware samples from ThreatFox.

Data for threat hunting

Context-rich metadata relating to IP, domain and malware signals.

Access dataset »

Perimeter protection

Border Gateway Protocol feeds to stop compromised devices communicating with active botnet C2 servers.

Access dataset »

Network protection

A range of response policy zones (RPZs) protecting against malicious threats at DNS level.

Access dataset »