Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/aitor-alvarez/osint-search
OSINT script to mine and retrieve Yara and Sigma rules from Github repositories using search API
github-api osint osint-python osint-tool sigma sigma-rules yara yara-rules
Last synced: about 2 months ago
- Host: GitHub
- URL: https://github.com/aitor-alvarez/osint-search
- Owner: aitor-alvarez
- Created: 2022-06-27T23:55:52.000Z (over 2 years ago)
- Default Branch: master
- Last Pushed: 2023-12-08T07:57:06.000Z (about 1 year ago)
- Last Synced: 2023-12-08T08:36:51.285Z (about 1 year ago)
- Topics: github-api, osint, osint-python, osint-tool, sigma, sigma-rules, yara, yara-rules
- Language: Python
- Homepage:
- Size: 15.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# OSINT Search
OSINT scripts to mine and retrieve YARA and Sigma rules from GitHub repositories using the GitHub search API.
## Installation
```
git clone https://github.com/aitor-alvarez/OSINT-Search
cd OSINT-Search
pip install -r requirements.txt
# Add GITHUB_API key in creds.py file
```
After installation, the directory downloads/ will be created, where the rules will be stored.
## Commands
To search for Sigma or YARA rules (without any optimization in the search), use the -f argument followed by either the string "yara" or "sigma", as shown below:
```
python main.py -f "sigma"
python main.py -f "yara"
```
If a specific string needs to be in the content of the file, the argument -c will need to be passed:
```
python main.py -f "sigma" -c ".exe"
```
Similarly, any file that contains a particular string can be retrieved in the following way:
```
python main.py -f "any" -c "function search_api()"
```