Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/EFForg/yaya

Yet Another Yara Automaton - Automatically curate open source yara rules and run scans
https://github.com/EFForg/yaya

Last synced: 3 months ago
JSON representation

Yet Another Yara Automaton - Automatically curate open source yara rules and run scans

Host: GitHub
URL: https://github.com/EFForg/yaya
Owner: EFForg
License: gpl-3.0
Created: 2020-06-18T23:22:03.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-12-27T15:11:36.000Z (10 months ago)
Last Synced: 2024-06-20T12:42:21.811Z (5 months ago)
Language: Go
Size: 60.5 KB
Stars: 256
Watchers: 16
Forks: 24
Open Issues: 9
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

!["The YAYA logo and automaton mascot"](https://www.eff.org/files/banner_library/yaya_yaya_banner.png "YAYA - Yet Another Yara Automaton")

# YAYA - *Yet Another Yara Automaton*

Automatically curate open source yara rules and run scans

## Installation
```
go get github.com/EFForg/yaya
cd $GOPATH/src/github.com/EFForg/yaya
go build
go install
```
### Dependencies
Yaya depends on the following packages outside the standard library:
* https://github.com/go-git/go-git
* https://github.com/hillu/go-yara
* https://github.com/jinzhu/gorm

You must also install the yara4 C libraries. We recommend you install these from source with the following command:

```
wget https://github.com/VirusTotal/yara/archive/refs/tags/v4.1.0.tar.gz && mkdir yara && cd yara && tar xf ../v4.1.0.tar.gz \
&& cd yara-4.1.0/ && ./bootstrap.sh && ./configure --enable-cuckoo --enable-magic --enable-dotnet && make && sudo make install && sudo ldconfig
```
More info and docs can be [found here](https://yara.readthedocs.io/en/stable/gettingstarted.html)
## Running
[![asciicast](https://asciinema.org/a/344120.svg)](https://asciinema.org/a/344120)

## Usage
```
yaya [-h]
-h print this help screen
Commands:
update - update rulesets
edit - ban or remove rulesets
add - add a custom ruleset, located at
scan - perform a yara scan on the directory at
export - export all yara rules in single yar file in
```
## Docker
YAYA includes a docker file and can be run inside a container as well by linking the path to be scanned to a path in the container.