-
Hello,
I was directed to your issues page by an associate after hitting the info email.
I'm getting hits for DROVORUB on an ArchLinux instance, Xtunnel on the same machine but a Windows instance, an…
-
**Issue description**
I have been trying to install Cuckoo3 following the instructions on this site since last week but keep hitting a wall with an error output having to do with the processing abstr…
-
```
$ ./Cutter-v2.3.4-Linux-x86_64.AppImage
qt.qpa.plugin: Could not find the Qt platform plugin "wayland" in ""
"0.7.1" "0.7.1"
Setting PYTHONHOME = "/tmp/.mount_Cutterv59kUY/usr" for AppImage.…
```
-
After merging https://github.com/volatilityfoundation/volatility3/pull/1050 @ikelos noticed that the [process_yara_options](https://github.com/volatilityfoundation/volatility3/blob/a08b7809b58d3b…
-
It seems that every yara search for `yrp/*` works, but not for any other.
Example hash: 6d14bb5ee2d7b2ecb28530324e7452a48476c79f7ded0a5727035d74744e5772
It has a `CuckooSandbox/shellcode` tag in…
-
The following are TODOs for our URL excavation:
- [ ] Unify URL excavation into single excavator (no duplicate code between URL excavator + web param excavator)
- [ ] We have multiple yara rul…
-
## Problem Statement
I think we should have two options for Rule sources:
CompiledRuleURL - a URL (file://, http:// or https://) which points to a compiled set of yara rules
RuleSources - the r…
-
### Body
**Description:**
I am currently working with YARA for scanning memory blocks in processes, and I came across a limitation when attempting to use a 32-bit version of YARA (WoW64) to scan 64-…
-
### Bug description
APKID not working after latest update because Yara rules seem to be incompatible
### Steps to reproduce
Install apkid
Run it
**Actual result:**
```
[+] APKiD 2.1.1…
```
-
YARA rules should be managed via API and/or command line:
Add new rules
Save to disk
Enable rule in scanner
List enabled rules
Name, tags, metadata
Remove r…