Comments (6)
Sure. It looks like libyara is not able to parse your rule files. Can you provide the spyre.yaml and the YARA rule files you are using?
You may also be able to use the yara command line tool to get better diagnostics about the syntax errors in the rule files.
from spyre.
Hi, actually, I'm using the example file spyre.yaml that was provided raw on the repo. I pasted it in the wanted _build, and I have really small clues on where to find/provide YARA rules and files, and also where to actually put these files. It is actually my first time with YARA modules.
from spyre.
Alright. I think we'll need to provide a self-contained example.
from spyre.
Thank you so much, would you mind upping this issue topic whenever an example is provided in the project source?
A kind of "default version" would really help! Thanks again for your dedication.
from spyre.
I have just pushed a change that contains some example config + ruleset. Would this have helped you enough if it had been there when you found Spyre? If you feel that there's room for improvement in the example, feel free to open a PR.
(I'm aware that configuration for custom modules is still missing, I'll need to look around for some indicators that demonstrate general usefulness.)
from spyre.
@MesserBart ping?
from spyre.