Yara VirusTotal Commenter Logo

Yara VirusTotal Commenter

0
Free
Updated 11 March 2025
Visit Website

You know you scan files with Yara anyways, why not give your findings back to the community? This script can scan a folder of samples against a provided Yara ruleset and optionally submit the matching Yara rule names to each file's respective VirusTotal report as a comment. Important: Use this script only with high-confidence Yara rules to avoid spamming VT with misleading comments. Pre-Alpha: This code hasn't yet been tested in any real way. I would not recommend using it :) Usage: $ python yara_vt.py --help (master) usage: yara_vt.py [-h] -r RULES -s SAMPLES [-k KEY] -c Scan directory with Yara and submit matches to VirusTotal samples as comments optional arguments: -h, --help show this help message and exit Yara: -r RULES, --rules RULES yara rules directory -s SAMPLES, ---samples SAMPLES samples directory to scan VirusTotal: -k KEY, --key KEY virustotal API key -c, --comment submit virustotal comments

FEATURES

SIMILAR TOOLS

A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.

A Pythonic framework for automated threat modeling shifting left.

A Splunk app mapped to MITRE ATT&CK to guide threat hunts.

Yara rule generator using VirusTotal code similarity feature code-similar-to.

A mapping tool that correlates MITRE ATT&CK techniques with atomic tests and detection rules to analyze security detection coverage.

Curated datasets for developing and testing detections in SIEM installations.

Proof-of-concept implementation of TAXII services for developers and non-developers.

A reference implementation for collecting events and performing CAR analytics to detect potential adversary activity.

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

CyberSecTools logoCyberSecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved