Project description

YaraMatcher karton service

Scans analyses and samples with yara rules and spawns tasks with appropiate tags.

Author: CERT.pl

Maintainers: nazywam

Consumes:

{
    "type": "sample",
    "stage": "recognized",
    "kind": "runnable"
}, {
    "type": "sample",
    "stage": "recognized",
    "kind": "dump"
}, {
    "type": "analysis",
    "kind": "cuckoo1"
}, {
    "type": "analysis",
    "kind": "drakrun"
}, {
    "type": "analysis",
    "kind": "joesandbox"
}

Produces:

{
    "type": "sample",
    "stage": "analyzed"
}

Usage

First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton

Then install karton-yaramatcher from PyPi:

$ pip install karton-yaramatcher

And run the karton service by pointing it to your YARA rules repository:

$ karton-yaramatcher --rules yara_rule_directory

Co-financed by the Connecting Europe Facility by of the European Union

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

1.3.0

Jul 27, 2023

1.2.0

Jul 27, 2022

1.1.1

May 19, 2021

1.1.0

Apr 15, 2021

1.0.0

Dec 29, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distribution

karton_yaramatcher-1.3.0-py3-none-any.whl (6.9 kB view hashes)

Uploaded Jul 27, 2023 Python 3

Hashes for karton_yaramatcher-1.3.0-py3-none-any.whl

Hashes for karton_yaramatcher-1.3.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`f674e0562c81f125edadf963cdf0bd16abc25bbf7b88ff9c5359d7a38d9fa85a`
MD5	`55341725c3ed9f2d611d098a6a0ac29c`
BLAKE2b-256	`2cd07a920fe7255ab7cc5f1fab566c078162941edd15ef3b6ef9d9555c69358b`