Yara VirusTotal Commenter Logo

Yara VirusTotal Commenter

0
Free
Visit Website

You know you scan files with Yara anyways, why not give your findings back to the community? This script can scan a folder of samples against a provided Yara ruleset and optionally submit the matching Yara rule names to each file's respective VirusTotal report as a comment. Important: Use this script only with high-confidence Yara rules to avoid spamming VT with misleading comments. Pre-Alpha: This code hasn't yet been tested in any real way. I would not recommend using it :) Usage: $ python yara_vt.py --help (master) usage: yara_vt.py [-h] -r RULES -s SAMPLES [-k KEY] -c Scan directory with Yara and submit matches to VirusTotal samples as comments optional arguments: -h, --help show this help message and exit Yara: -r RULES, --rules RULES yara rules directory -s SAMPLES, ---samples SAMPLES samples directory to scan VirusTotal: -k KEY, --key KEY virustotal API key -c, --comment submit virustotal comments

FEATURES

ALTERNATIVES

CyBot is a free and open source threat intelligence chat bot with a community-driven plugin framework.

A repository of freely usable Yara rules for detection systems, with automated error detection workflows.

A threat intelligence and vulnerability monitoring platform that aggregates security alerts from trusted sources and provides customizable monitoring and notification capabilities.

Platform for the latest threat intelligence information

Tools to export data from MISP MySQL database for post-incident analysis and correlation.

Search engine for Windows executable files and hashes, providing insights into file prevalence, behavior, and security information.

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

Deception based detection techniques with MITRE ATT&CK mapping and Honey Resources.

PINNED