lisa

lisa copied to clipboard

Using a Yara HTTP runner I wrote (https://github.com/roaldi/YaraSea), I added an additional docker service that responds to HTTP posts from the worker, responding in JSON with yara rules that the uploaded content matches on.

YaraSea in its current state pulls the rules from https://github.com/Yara-Rules/rules, but could be easily changed to accept custom rules as well.

Additionally I added a "Yara Hits" row on the Overview page to print the returned data.