Skip to content
/ yarafs Public

A simple file scanner using Yara to detect malicious files

License

MIT license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Voronsky/yarafs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

myrules

myrules

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements.txt

requirements.txt

 
 

yarafs.py

yarafs.py

 
 

Repository files navigation

yarafs

A file scanner that will scan a specific path crossing all texts and binaries with Yara rulesets.

Development setup

Requirements

The requirements.txt is there for easy use to install. Use

pip install -r requirements.txt

Yara module >= 3.5.0

How it works

YaraFS checks the current path that the yara script is being run in, and checks for the rules folder called "myrules". Once in there, it will read from the master rule file called "master_rules.yar", which contains 'includes' of multiple yara rules. If you wish to add more rules, please modify the master_rules.yar file.

Example

to use type

./yarafs

About

A simple file scanner using Yara to detect malicious files

Topics

python3 malware-research yara security-scanner

Resources

Readme

License

MIT license
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 1

First release Latest
May 10, 2017

Packages

No packages published

Languages