Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → kevthehermit → Yarapcap

kevthehermit / Yarapcap

Process HTTP Pcaps With YARA

Programming Languages

python

139335 projects - #7 most used programming language

yaraPCAP

Yara Scanner For IMAP Feeds and saved Streams

###What it does:

Reads a PCAP File and Extracts Http Streams.
gzip deflates any compressed streams
Scans every file with yara
writes a report.txt
optionally saves matching files to a Dir

###Usage

Simple report "python yaraPcap.py -r sampleReport.txt sample.yar sample.pcap"
Save Matching Files "python yaraPcap.py -s SampleDir sample.yar sample.pcap"

###Requirements

Python
Yara / PyYara
TCPFlow 1.3 - https://github.com/simsong/tcpflow
For windows edit the Script to point to your copy of the tcpflow binary. Line 29

###ToDo

Save Report as XML
Add More Detail to the Report

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 79

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (0) 🔗