Wazuh Yara is a project aimed at integrating YARA rules with Wazuh for enhanced malware detection and file integrity monitoring.
rules directory.
yara.sh script for active response.
Install using this command:
curl -SL --progress-bar https://raw.githubusercontent.com/ADORSYS-GIS/wazuh-yara/main/scripts/install.sh | sh
Install using this command:
iex (iwr -UseBasicParsing "https://raw.githubusercontent.com/ADORSYS-GIS/wazuh-yara/refs/heads/main/scripts/install.ps1")
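The curl command above pipes the download straight into sh. The following added example (not part of the project's scripts) saves install.sh to a temporary file, checks it against a pinned SHA-256 digest, and runs it only on a match. EXPECTED_SHA256 is a placeholder for the digest of a copy you have reviewed, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: fetch the installer to disk, verify it, then run it.
INSTALL_URL="https://raw.githubusercontent.com/ADORSYS-GIS/wazuh-yara/main/scripts/install.sh"
# Placeholder: replace with the SHA-256 of the copy you reviewed.
EXPECTED_SHA256="REPLACE_WITH_REVIEWED_SHA256"

# Print the SHA-256 hex digest of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# Return 0 only if the file's digest equals the expected 64-hex-digit value.
# Return 2 if the pin is unset or malformed, 1 on mismatch or hashing failure.
verify_script() {
    file=$1; expected=$2
    case $expected in
        *[!0-9a-fA-F]*|"") return 2 ;;   # placeholder or malformed pin
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256_of "$file") || return 1
    [ "$actual" = "$(printf '%s' "$expected" | tr 'A-F' 'a-f')" ]
}

# Download over HTTPS only, verify, and execute only if the digest matches.
install_verified() {
    tmp=$(mktemp) || return 1
    trap 'rm -f "$tmp"' EXIT
    curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp" "$INSTALL_URL" || return 1
    if verify_script "$tmp" "$EXPECTED_SHA256"; then
        sh "$tmp"
    else
        echo "install.sh digest mismatch or pin not set; refusing to run" >&2
        return 1
    fi
}

# Runs only when invoked as: sh safe-install.sh --install
if [ "${1:-}" = "--install" ]; then
    install_verified
fi
```

Because the URL points at the main branch, the digest changes whenever the script is updated upstream; a mismatch means the file must be reviewed again before the pin is updated.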
To ensure the correct installation and configuration of YARA and Wazuh, we have implemented a set of automated tests. These tests verify the presence and proper configuration of essential components such as users, groups, configuration files, and installed packages.
For a detailed description of these tests and how to execute them, please refer to the YARA Tests README.
The repository includes a GitHub Actions workflow that automatically runs the tests on every push or pull request. This helps maintain the integrity of the system by validating the setup continuously.
For more information on the test workflow, see the GitHub Actions Workflow.