Yara VirusTotal Commenter Logo

Yara VirusTotal Commenter

0
Free
Visit Website

You know you scan files with Yara anyways, why not give your findings back to the community? This script can scan a folder of samples against a provided Yara ruleset and optionally submit the matching Yara rule names to each file's respective VirusTotal report as a comment. Important: Use this script only with high-confidence Yara rules to avoid spamming VT with misleading comments. Pre-Alpha: This code hasn't yet been tested in any real way. I would not recommend using it :) Usage: $ python yara_vt.py --help (master) usage: yara_vt.py [-h] -r RULES -s SAMPLES [-k KEY] -c Scan directory with Yara and submit matches to VirusTotal samples as comments optional arguments: -h, --help show this help message and exit Yara: -r RULES, --rules RULES yara rules directory -s SAMPLES, ---samples SAMPLES samples directory to scan VirusTotal: -k KEY, --key KEY virustotal API key -c, --comment submit virustotal comments

FEATURES

ALTERNATIVES

A collection of Yara rules licensed under the DRL 1.1 License.

MaxMind provides accurate IP geolocation and online fraud detection solutions to create safer digital experiences.

RogueApps is a collaborative repository documenting TTPs of malicious OIDC/OAuth 2.0 applications for cybersecurity research and awareness.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

A threat intelligence and vulnerability monitoring platform that aggregates security alerts from trusted sources and provides customizable monitoring and notification capabilities.

A command-line tool that fetches known URLs from various sources to identify potential security threats and vulnerabilities.

Repository containing IoCs related to Volexity's threat intelligence blog posts and tools.

OpenIOC editor for building and manipulating threat intelligence data with support for various systems.