About

Partnering with Spamhaus

Like abuse.ch, Spamhaus has a mission to strengthen trust and safety on the Internet, operating as an independent organization for over twenty years. This shared vision forms the foundation of our partnership, working together to provide the largest, independently crowdsourced intelligence of tracked malware and botnets.

Spamhaus is recognized as the trusted authority on IP and domain reputation. Globally, they protect 4.5 billion mailboxes and help secure networks against 11.7 million indicators of compromise (IOCs). Together, we build and maintain platforms and datasets to make the internet safer.

Technology

YARAify uses the following tools and services:

• Fastly as Content Delivery Network (CDN)
• Google Cloud Storage for storing files
• Google Compute Engine for virtual machines
• Google Cloud SQL as database backend
• Ubuntu as prefered server OS
• Apache as prefered webserver
• Python as prefered scripting language
• PHP as prefered web scripting language
• Chart.js for generating statistics and charts
• Bootstrap for web design
• Font Awesome icons
• jQuery JavaScript library
• clipboard.js for web copy&paste functionality
• FAMFAMFAM flags
• Twitter OAuth for authentication
• MaxMind GeoLite2 Free for geo location
• ClamAV antivirus engine
• Trend Micro TLSH fuzzy matching library
• Trend Micro ELF Hash (telfhash) fuzzy matching library for ELF
• ssdeep fuzzy matching library
• yara pattern matching
• humanhash for generating Human-readable digests
• oletools for analyzing office documents
• gimphash to calculate an imphash equivalent for Go binaries

Special thanks

Special thanks to:

• SecuriteInfo for providing their commercial ClamAV ruleset for free
• @stoerchl for beta testing
• @viql for beta testing
• @AndreGironda for beta testing
• Slavo for beta testing
• Members of the security community for publishing YARA rules for free and for the good of the internet