{"id":13705913,"url":"https://github.com/CrowdStrike/CrowdFMS","last_synced_at":"2025-05-05T17:31:01.768Z","repository":{"id":12430862,"uuid":"15086898","full_name":"CrowdStrike/CrowdFMS","owner":"CrowdStrike","description":"CrowdStrike Feed Management System. CrowdFMS is a framework for automating collection and processing of samples from VirusTotal, by leveraging the Private API system. This framework automatically downloads recent samples, which triggered an alert on the users YARA notification feed.","archived":true,"fork":false,"pushed_at":"2018-11-13T02:41:35.000Z","size":208,"stargazers_count":129,"open_issues_count":2,"forks_count":27,"subscribers_count":64,"default_branch":"master","last_synced_at":"2025-03-21T10:53:39.954Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CrowdStrike.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-12-10T19:23:00.000Z","updated_at":"2024-09-21T12:34:30.000Z","dependencies_parsed_at":"2022-07-15T11:30:32.498Z","dependency_job_id":null,"html_url":"https://github.com/CrowdStrike/CrowdFMS","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrowdStrike%2FCrowdFMS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrowdStrike%2FCrowdFMS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrowdStrike%2FCrowdFMS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CrowdStrike%2FCrowdFMS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CrowdStrike","download_url":"https://codeload.github.com/CrowdStrike/CrowdFMS/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252542252,"owners_count":21764934,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T22:00:49.600Z","updated_at":"2025-05-05T17:31:01.523Z","avatar_url":"https://github.com/CrowdStrike.png","language":"Python","funding_links":[],"categories":["Tools"],"sub_categories":[],"readme":"Copyright (C) 2013 CrowdStrike, Inc.\nThis file is subject to the terms and conditions of the BSD License.\nSee the file LICENSE in the main directory for details\n\n\nCrowdFMS is a framework for automating collection and processing of samples from\nVirusTotal, by leveraging the Private API system.   This framework automatically \ndownloads recent samples, which triggered an alert on the users YARA notification feed. \n\nUsers can also specify a command to execute on these newly downloaded samples, \nbased on their YARA rule name.  For example, a user can specify that all samples \nthat matched the YARA rule “Zeus”, be automatically submitted to Cuckoo sandbox.\n\n\nPython Modules:\n - sqlite3\n - shutil\n - argparse\n - requests\n - re\n - json\n - requests\n\nPlease also place your API key in either .virustotal or ~/.virustotal\n\nUsage and Tools:\n crowdfms.py - Primary sample collection system\n\n sample_details - Fetch details about a sample stored in the local database \n  + Usage: sample_details.py -f -HASH-       # Hash can be either MD5, SHA1 or SHA256\n\n fetch_file - copy file from database to current working directory\n  + Usage: fetch_file -f -HASH-   # Hash can be either MD5, SHA1 or SHA256 \n\n add_action - Add action to preform on new sample rule metch\n  + Usage: add_action -y -Yara Rule Name- -c -Command to Execute-   # Command to Execute must contain %s where sample path should go\n \n add_action - Add action to preform on new sample rule metch\n  + Usage: add_action -y -Yara Rule Name- -c -Command to Execute-   # Command to Execute must contain %s where sample path should go\n\n list_actions - List all Yara -\u003e matches\n  + Usage: list_actions\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCrowdStrike%2FCrowdFMS","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCrowdStrike%2FCrowdFMS","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCrowdStrike%2FCrowdFMS/lists"}