
3c7 / yaramanager

Licence: MIT License
Simple yara rule manager

Programming Languages

python
Mako

Projects that are alternatives of or similar to yaramanager

selekt
A Kotlin and Android wrapper over SQLCipher, providing 256-bit AES encryption of database files.
Stars: ✭ 26 (-56.67%)
Mutual labels:  sqlite
Quiz-App
A Quiz Android application 📱 built using Java ♨️ and showing best practices of 🛠️ Room
Stars: ✭ 33 (-45%)
Mutual labels:  sqlite
mysql2sqlite
Online MySQL to SQLite converter 🔨 https://ww9.github.io/mysql2sqlite/
Stars: ✭ 27 (-55%)
Mutual labels:  sqlite
XrayDB
X-ray Reference Data in SQLite library, including Python interface
Stars: ✭ 26 (-56.67%)
Mutual labels:  sqlite
factual-rules-generator
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a machine.
Stars: ✭ 62 (+3.33%)
Mutual labels:  yara
sqlite zstd vfs
SQLite3 extension for read/write storage compression with Zstandard
Stars: ✭ 42 (-30%)
Mutual labels:  sqlite
pasthis
Simple stupid pastebin
Stars: ✭ 36 (-40%)
Mutual labels:  sqlite
Rezoom.SQL
Statically typechecks a common SQL dialect and translates it to various RDBMS backends
Stars: ✭ 639 (+965%)
Mutual labels:  sqlite
PhishingKit-Yara-Rules
Repository of Yara rules dedicated to Phishing Kits Zip files
Stars: ✭ 71 (+18.33%)
Mutual labels:  yara
lighthouse
Easy clojure relational database queries, migrations and connection pooling
Stars: ✭ 19 (-68.33%)
Mutual labels:  sqlite
django-udemy-clone
Simple Udemy Clone using Django
Stars: ✭ 97 (+61.67%)
Mutual labels:  sqlite
PokeChat
UNIX compatible, Discord and Telegram inspired, Pokémon-themed instant messaging service.
Stars: ✭ 11 (-81.67%)
Mutual labels:  sqlite
jds
Jenesis Data Store: a dynamic, cross platform, high performance, ORM data-mapper. Designed to assist in rapid development and data mining
Stars: ✭ 17 (-71.67%)
Mutual labels:  sqlite
python-icap-yara
An ICAP Server with yara scanner for URL and content.
Stars: ✭ 50 (-16.67%)
Mutual labels:  yara
librdf.sqlite
β™ŠοΈ Mirror of https://code.mro.name/mro/librdf.sqlite | πŸ›  improved SQLite RDF triple store for Redland librdf
Stars: ✭ 21 (-65%)
Mutual labels:  sqlite
python-sqlite3-backup
Sqlite3 online API CPython implementation module
Stars: ✭ 44 (-26.67%)
Mutual labels:  sqlite
AspSqliteCache
An ASP.NET Core IDistributedCache provider backed by SQLite
Stars: ✭ 39 (-35%)
Mutual labels:  sqlite
aiosqlite3
sqlite3 on asyncio use loop.run_in_executor proxy
Stars: ✭ 21 (-65%)
Mutual labels:  sqlite
ThreatKB
Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)
Stars: ✭ 68 (+13.33%)
Mutual labels:  yara
SS-Gang-System-SQLITE
SS Gang System for SA-MP
Stars: ✭ 23 (-61.67%)
Mutual labels:  sqlite


Yara Manager

A simple program to manage your yara ruleset in a database. By default sqlite will be used, but using MySQL/MariaDB or Postgres is also possible.

Todos

  • Implement backup and sharing possibilities

Installation

Install it using pip:

pip install yaramanager

Or grab one of the prebuilt binaries from the release page.

If you want to use other databases than SQLite, you need to install the specific extra dependencies:

pip install yaramanager[mysql]
pip install yaramanager[pgsql]

Configuration

Yara Manager creates a fresh config if none exists. If you update from an older version, please pay attention to freshly added config options. You can reset your configuration using ym config reset; however, this will also overwrite any custom changes you made.

## Editor
# editor contains the command used to start the editor. Note that this must be a list of the command and the needed
# parameters, e.g. `editor = ["codium", "-w"]`.
editor = [ "codium", "-w" ]

The most important configuration to change is probably your editor. The default configuration uses codium -w for opening rules. You can use e.g. EDITOR=vim DISABLE_STATUS=1 ym config edit to open your config in Vim (and you can type :wq to save your changes and quit :P). After changing the editor path, you are good to go! The following asciinema shows how to quickly overwrite the editor set in the config:

Asciinema: Temporarily overwrite the used editor.

# Databases
# A list of databases. Every database needs to define a driver and a path, such as
#
# [[yaramanager.db.databases]]
# driver = "sqlite"
# path = "/home/user/.config/yaramanager/data.db"
[[yaramanager.db.databases]]
driver = "sqlite"
path = "/home/3c7/.config/yaramanager/myrules.db"

If you want to use multiple databases (which is pretty useful if you use rules from different sources or with different classifications), you can add them to the config file, too.

In order to use MySQL/MariaDB or Postgres, you need to specify the specific database driver, e.g.:

[[yaramanager.db.databases]]
driver = "mysql+pymysql"
path = "user:[email protected]/database"
[[yaramanager.db.databases]]
driver = "postgresql+psycopg2"
path = "user:[email protected]/database"
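
A database entry for MySQL/MariaDB or Postgres carries its login data inside the config file, so it helps to see which entries hold a password and who can read that file. The following is an added example, not part of yaramanager; it assumes a network `path` has the form `user:password@host/database`, and the sample config, host name and credentials are constructed.

```python
# Added example: audit yaramanager database entries for embedded credentials.
import os
import stat

try:
    import tomllib  # Python 3.11+
except ImportError:  # older interpreters: pip install tomli
    import tomli as tomllib

# Constructed sample config using the table layout shown in this README.
SAMPLE_CONFIG = '''
[[yaramanager.db.databases]]
driver = "sqlite"
path = "/home/user/.config/yaramanager/data.db"

[[yaramanager.db.databases]]
driver = "postgresql+psycopg2"
path = "ym_user:example-password@db.example.internal/rules"
'''

def audit_databases(config_text):
    """Return (driver, redacted location, has_password) for every database entry."""
    config = tomllib.loads(config_text)
    entries = config.get("yaramanager", {}).get("db", {}).get("databases", [])
    report = []
    for entry in entries:
        driver, path = entry["driver"], entry["path"]
        # Assumption: network paths look like user:password@host/database.
        userinfo, at, hostpart = path.rpartition("@")
        user, colon, password = userinfo.partition(":")
        has_password = bool(at and colon and password)
        location = f"{user}:***@{hostpart}" if has_password else path
        report.append((driver, location, has_password))
    return report

def group_or_world_accessible(config_path):
    """True if anyone other than the owner has any permission on the file."""
    mode = stat.S_IMODE(os.stat(config_path).st_mode)
    return bool(mode & (stat.S_IRWXG | stat.S_IRWXO))

if __name__ == "__main__":
    for driver, location, has_password in audit_databases(SAMPLE_CONFIG):
        flag = "plaintext password in config" if has_password else "ok"
        print(f"{driver:22} {location:45} {flag}")
```

If an entry is flagged and `group_or_world_accessible` returns True for your config file, restrict the file to its owner (mode 0600 on POSIX systems).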

Features

General usage

$ ym
Usage: ym [OPTIONS] COMMAND [ARGS]...

  ym - yaramanager. Use the commands shown below to manage your yara
  ruleset. By default, the manager uses codium as editor. You can change
  that in the config file or using EDITOR environment variable. When using
  editors in the console, you might want to disable the status display using
  DISABLE_STATUS.

Options:
  --help  Show this message and exit.

Commands:
  add      Add a new rule to the database.
  config   Review and change yaramanager configuration.
  db       Manage your databases
  del      Delete a rule by its ID or name.
  edit     Edits a rule with your default editor.
  export   Export rules from the database.
  get      Get rules from the database.
  help     Displays help about commands
  list     Lists rules available in DB.
  new      Create a new rule using you preferred editor.
  parse    Parses rule files.
  read     Read rules from stdin.
  ruleset  Manage your rulesets
  scan     Scan files using your rulesets.
  search   Searches through your rules.
  stats    Prints stats about the database contents.
  tags     Show tags and the number of tagged rules
  version  Displays the current version.

Yara Manager Showcase

Asciinema: Yara Manager showcase
