File and analysis artifacts yara matcher for Karton framework
Project description
YaraMatcher karton service
Scans analyses and samples with yara rules and spawns tasks with appropiate tags.
Author: CERT.pl
Maintainers: nazywam
Consumes:
{
"type": "sample",
"stage": "recognized",
"kind": "runnable"
}, {
"type": "sample",
"stage": "recognized",
"kind": "dump"
}, {
"type": "analysis",
"kind": "cuckoo1"
}, {
"type": "analysis",
"kind": "drakrun"
}, {
"type": "analysis",
"kind": "joesandbox"
}
Produces:
{
"type": "sample",
"stage": "analyzed"
}
Usage
First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton
Then install karton-yaramatcher from PyPi:
$ pip install karton-yaramatcher
And run the karton service by pointing it to your YARA rules repository:
$ karton-yaramatcher --rules yara_rule_directory
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file karton_yaramatcher-1.3.0-py3-none-any.whl.
File metadata
- Download URL: karton_yaramatcher-1.3.0-py3-none-any.whl
- Upload date:
- Size: 6.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.8.17
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
f674e0562c81f125edadf963cdf0bd16abc25bbf7b88ff9c5359d7a38d9fa85a
|
|
| MD5 |
55341725c3ed9f2d611d098a6a0ac29c
|
|
| BLAKE2b-256 |
2cd07a920fe7255ab7cc5f1fab566c078162941edd15ef3b6ef9d9555c69358b
|
