CLI tool to manage your yara rules

Project description

Yara Manager

A simple program to manage your yara ruleset in a (sqlite) database.

Todos

  • [x] Add rules
  • [x] Delete rules
  • [x] List rules
  • [x] Search strings
  • [ ] Search rules
  • [ ] Cluster rules in rulesets
  • [ ] Enforce configurable default set of meta fields
  • [ ] Actually edit rules with edit command - currently only file changes are detected, but changes are not merged into the rule itself.
  • [ ] Implement rule export, backup and sharing possibilities
  • [ ] Add database migrations

Installation

pip install yaramanager

Features

Store your Yara rules in a DB locally and manage them.

Usage

$ ym
Usage: ym [OPTIONS] COMMAND [ARGS]...

Options:
  --help  Show this message and exit.

Commands:
  add     Add a new rule to the database.
  config  Review and change yaramanager configuration.
  db      Manage your databases
  del     Delete a rule by its ID or name.
  edit    (Not implemented) Edits a rule with your default editor.
  list    Lists rules available in DB.
  parse   Parses rule files.
  search  Searches through your rules.
  stats   Prints stats about the database contents.

Download files

Files for yaramanager, version 0.1.0
  • yaramanager-0.1.0-py3-none-any.whl (18.0 kB), file type: Wheel, Python version: py3
  • yaramanager-0.1.0.tar.gz (11.7 kB), file type: Source, Python version: None
