Quite a while ago, I've published some of my private Yara rules online, on Github.
They can be found here:
There's two workflows running on that Github repository:
- YARA-CI: runs automatically to detect signature errors, as well as false positives and negatives.
- Package Yara rules: allows download of a complete rules file (all Yara rules from this repo in one file) for convenience from the Actions tab > Artifacts (see image below).
The Yara rules are divided into:
Furthermore, the rules can work natively with AssemblyLine due to the CCCS Yara rule standard adoption.
PR's are welcome where you see fit.
Article Link: Blaze's Security Blog: Yara rules collection