Yara VirusTotal Commenter

Free
You know you scan files with Yara anyways, why not give your findings back to the community? This script can scan a folder of samples against a provided Yara ruleset and optionally submit the matching Yara rule names to each file's respective VirusTotal report as a comment.

Important: Use this script only with high-confidence Yara rules to avoid spamming VT with misleading comments.

Pre-Alpha: This code hasn't yet been tested in any real way. I would not recommend using it :)

Usage:

    $ python yara_vt.py --help (master)
    usage: yara_vt.py [-h] -r RULES -s SAMPLES [-k KEY] -c

    Scan directory with Yara and submit matches to VirusTotal samples as comments

    optional arguments:
      -h, --help            show this help message and exit

    Yara:
      -r RULES, --rules RULES
                            yara rules directory
      -s SAMPLES, ---samples SAMPLES
                            samples directory to scan

    VirusTotal:
      -k KEY, --key KEY     virustotal API key
      -c, --comment         submit virustotal comments

ALTERNATIVES

Tools to export data from MISP MySQL database for post-incident analysis and correlation.

Repository with projects for photo and video hashing, content moderation, and signal exchange.

A community-driven project sharing detection logic, adversary tradecraft, and resources to make detection development more efficient, following MITRE ATT&CK structure.

eCrimeLabs provides a SOAR platform for threat detection and response, integrated with MISP.

FraudGuard is a service that provides real-time internet traffic analysis and IP tracking to help validate usage and prevent fraud.

In-depth analysis of real-world attacks and threat tactics

A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.

Cortex is a tool for analyzing observables at scale and automating threat intelligence, digital forensics, and incident response.
