Victor M. Alvarez
I've noticed that this project is using the following endpoint: https://www.virustotal.com/intelligence/hunting/notifications-feed The endpoint is being used in: https://github.com/yeti-platform/yeti/blob/master/plugins/feeds/public/virustotal_hunting.py But it looks like the project is already prepared for the deprecation...
For example:
```
compiled = yara.compile(
    filepaths={
        'from_file1': '/path/rules.1',
        'from_file2': '/path/rules.2',
    },
    sources={
        'from_text': text,
    },
)
```
When the only thing you want is to upload a file/url and get the verdicts back, the existing method is a bit cumbersome. The `vt scan` command returns an analysis...
Version `0.2.0` renders the left margin differently than version `0.1.5`. See an example from application: With version `0.1.5`: ``` Error: error: global rule `test_2` depends on non-global rule `test_1` ╭─[test.yar:25:5]...
The `reserved` keyword was supported for messages but not for enums. Also used this opportunity to remove the `FieldNumberRange` type and use `RangeInclusive` instead, as proposed by a `TODO` comment...
Most regular expression engines don't accept the `{,n}` syntax, but some others do (namely Python's `re` library). This introduces a new parser configuration option that enables the `{,n}` syntax...
`pefile` assumes that the 12 bytes following the `DanS` tag are actually three copies of the 32-bit XOR key used for encrypting the rich header, and it does some validation...
I've noticed that this project is using the following endpoint: https://www.virustotal.com/intelligence/hunting/notifications-feed Please notice that this endpoint is deprecated and will be shut down on October 1st, 2021.
In complex YARA conditions there are many cases in which the same sub-expression is repeated more than once, and its results could be reused instead of re-computed. For instance, consider...
Many file formats contain integer fields that are really interpreted as flags (each bit has a particular meaning). For instance, the `characteristics` field in the PE file is one of...