Hyara Issues with wildcarding

Issues with wildcarding

Open r0ny123 opened this issue 3 years ago • 10 comments

Both comment and wildcard option are checked but the wildcard option is not working with the new version of Hyara.

Jan 28 '21 09:01 r0ny123

Unfortunately, wildcard option is not currently implemented. :(

Jan 28 '21 10:01 hyuunnn

Oh. Any ETA?

Feb 02 '21 09:02 r0ny123

I can't update because I'm currently busy. It will be updated steadily.

If you have an idea or a feature you need, tell me. Pull requests are also welcome.

Apr 30 '21 01:04 hyuunnn

Sorry for late reply. As for feature I think this will be a great integration to Hyara. That script has multiple options for generating yara signatures. Specially the Position Independent Code (PIC) mode is a solid one.

Nov 27 '21 19:11 r0ny123

@r0ny123 Thanks. I will check this project :)

Nov 27 '21 23:11 hyuunnn

@r0ny123 Added a feature to modify the values to wildcards. wildcard option is not yet :(

Sep 03 '22 16:09 hyuunnn

Nice, thanks @hyuunnn. But did you implement this https://github.com/MITRECND/malchive/blob/main/malchive/utilities/gensig.py as discussed earlier https://github.com/hyuunnn/Hyara/issues/15#issuecomment-980789671?

Sep 03 '22 16:09 r0ny123

@r0ny123 Nope. I will study the source code.

Sep 03 '22 16:09 hyuunnn

https://github.com/c3rb3ru5d3d53c/binlex https://github.com/g-les/YARA-PE-Features https://github.com/g-les/floss2yar https://github.com/schrodyn/steezy https://github.com/fxb-cocacoding/yara-signator https://github.com/TcM1911/zig2yar https://github.com/fox-it/mkYARA https://github.com/immortalp0ny/yarg https://github.com/ald3ns/copy-as-yara https://github.com/mbrengel/yarix - https://www.usenix.org/system/files/sec21-brengel.pdf

https://github.com/DissectMalware/yaradbg-backend https://github.com/DissectMalware/yaradbg-frontend

Sep 24 '22 14:09 hyuunnn

Hyara Hyara copied to clipboard

Issues with wildcarding

Hyara
Hyara copied to clipboard