Skip to content

Velocidex/yara-tools

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
testing
testing
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
sanitize.go
sanitize.go
 
 

Repository files navigation

Yara tools

Command line tool to manipulate yara rules.

Clean

For very large rulesets it is sometimes more convenient to remove un-necessary data from the rules:

  1. This makes the ruleset much smaller.
  2. It might remove sensitive information about the rules themselves.

Both of these are necessary prior to using large rulesets in Velociraptor because we dont want to push un-necessary data to many thousands of end points. Also some of the yara rules contain sensitive information in the metadata or comments.

Strip the yara rule:

yara_tools clean my_file.yara > my_cleaned_yara.yara

About

Tools to manipulate yara files.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

6 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases 2

Release 0.2 Latest
Nov 28, 2022
+ 1 release

Packages

No packages published

Languages