Skip to content

tomchop/openrelik-worker-yara-scan

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.vscode
.vscode
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
demo.png
demo.png
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Yara scanner OpenRelik worker

Overview

This worker scans input files with Yara rules and the official libyara python library.

It can source the rules from manual input (as a parameter) or from a third-party TIP.

Screenshot of the results page of the Yara Scan worker

Settings

Global settings

  • Manual Yara rules (optional): The Yara rules to use for the scan. These rules will be concatenated after rules obtained from third-party providers.
  • Yara sources (optional): The third-party TIPs to use for the scan. Can provide more than one, comma-separated.
  • Yara rule name filter (optional): Only select rules containing this substring for the scan.

Yeti (third-party TIP)

Two parameters are needed, that are passed through environment variables

  • YETI_ENDPOINT: The URL of the Yeti platform
  • YETI_API_KEY: The API key to authenticate with the Yeti platform

About

OpenRelik worker that scans files with Yara rules

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages