File and analysis artifacts yara matcher for Karton framework
Project description
YaraMatcher karton service
Scans analyses and samples with yara rules and spawns tasks with appropiate tags.
Author: CERT.pl
Maintainers: msm, nazywam
Consumes:
{
"type": "sample",
"stage": "recognized",
"kind": "runnable"
}, {
"type": "sample",
"stage": "recognized",
"kind": "dump"
}, {
"type": "analysis",
"kind": "cuckoo1"
}, {
"type": "analysis",
"kind": "drakrun"
}, {
"type": "analysis",
"kind": "joesandbox"
}
Produces:
{
"type": "sample",
"stage": "analyzed"
}
Usage
First of all, make sure you have setup the core system: https://github.com/CERT-Polska/karton
Then install karton-yaramatcher from PyPi:
$ pip install karton-yaramatcher
And run the karton service by pointing it to your YARA rules repository:
$ karton-yaramatcher --rules yara_rule_directory
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
No source distribution files available for this release.See tutorial on generating distribution archives.
Built Distribution
File details
Details for the file karton_yaramatcher-1.2.0-py3-none-any.whl.
File metadata
- Download URL: karton_yaramatcher-1.2.0-py3-none-any.whl
- Upload date:
- Size: 6.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.8.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | e8693b9b6424006a2cc9e15aa1cbf180ae93dc82b3d2e6e9a81d736699bc2038 |
|
| MD5 | c193e1f9656c7f437477e1e1cc44166e |
|
| BLAKE2b-256 | 9d87a5ff7cc6048458a4f9d0d899208bacef58adc0801c43ccc9b34c8dfaa9f1 |
