https://github.com/deadbits/yaraVT
  
  
    Scan files with Yara and send rule matches to VirusTotal reports as comments 
- Host: GitHub
- URL: https://github.com/deadbits/yaraVT
- Owner: deadbits
- Archived: true
- Created: 2017-12-26T16:52:19.000Z (almost 8 years ago)
- Default Branch: master
- Last Pushed: 2017-12-26T18:16:56.000Z (almost 8 years ago)
- Last Synced: 2024-08-03T22:16:46.894Z (about 1 year ago)
- Topics: malware-analysis, malware-research, python, virustotal, yara, yara-scanner
- Language: Python
- Size: 8.79 KB
- Stars: 4
- Watchers: 3
- Forks: 0
- Open Issues: 0
- Metadata Files:
  - Readme: README.md

README
# Yara VirusTotal Commenter
You know you scan files with Yara anyway, so why not give your findings back to the community?  
This script scans a folder of samples against a provided Yara ruleset and can optionally submit the matching Yara rule names to each file's respective VirusTotal report as a comment.
**Important:** Use this script only with high-confidence Yara rules to avoid spamming VT with misleading comments.
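
The scan-then-comment flow described above can be split into a reviewable dry run and a separate submit step, so that nothing reaches VirusTotal until the matches have been checked. This is an added example, not code from yaraVT: the function names, the comment text format, and the use of the VirusTotal API v2 comment endpoint are assumptions.

```python
import hashlib
import os

# Assumption: VirusTotal API v2 comment endpoint (POST apikey, resource, comment).
VT_COMMENT_URL = "https://www.virustotal.com/vtapi/v2/comments/put"


def sha256_file(path):
    """Hash a sample in chunks; the SHA-256 identifies its VirusTotal report."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def yara_matcher(rules_dir):
    """Compile every .yar/.yara file in rules_dir; return path -> rule names."""
    import yara  # yara-python, imported lazily so planning can be tested without it
    paths = {name: os.path.join(rules_dir, name)
             for name in sorted(os.listdir(rules_dir))
             if name.endswith((".yar", ".yara"))}
    rules = yara.compile(filepaths=paths)
    return lambda sample: [m.rule for m in rules.match(sample)]


def plan_comments(samples_dir, match_fn):
    """Dry run: list the comments that would be posted, without network access."""
    plans = []
    for root, _dirs, files in os.walk(samples_dir):
        for name in sorted(files):
            path = os.path.join(root, name)
            rule_names = sorted(set(match_fn(path)))
            if rule_names:  # files with no match get no comment
                plans.append({"resource": sha256_file(path),
                              "comment": "Yara rule matches: " + ", ".join(rule_names)})
    return plans


def submit(plans, api_key, post):
    """Post each reviewed plan; `post` is requests.post or a compatible callable."""
    return [post(VT_COMMENT_URL, data=dict(plan, apikey=api_key)) for plan in plans]


if __name__ == "__main__":
    # Constructed usage: ./rules and ./samples are placeholder directories.
    for plan in plan_comments("samples", yara_matcher("rules")):
        print(plan["resource"], "->", plan["comment"])
```

Review the printed plan first, then pass it to `submit` with `requests.post` only when every listed rule is one you trust.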
## Pre-Alpha
This code hasn't yet been tested in any real way. I would not recommend using it :)
### Usage
```
$ python yara_vt.py --help
usage: yara_vt.py [-h] -r RULES -s SAMPLES [-k KEY] -c
Scan directory with Yara and submit matches to VirusTotal samples as comments
optional arguments:
  -h, --help            show this help message and exit
Yara:
  -r RULES, --rules RULES
                        yara rules directory
  -s SAMPLES, ---samples SAMPLES
                        samples directory to scan
VirusTotal:
  -k KEY, --key KEY     virustotal API key
  -c, --comment         submit virustotal comments
```