Skip to content

Sqooba/yara-rest-api

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

YARA Rest API

This is a simple REST API to apply pre-loaded Yara rules on a file POST'ed to the REST API endpoint.

Build it

docker build -t yara-rest-api .

Get sample yara rules

-> https://valhalla.nextron-systems.com/ Check "DEMO", get the rules. Save the file in rules folder

Run it

docker run -it -v ${PWD}/rules:/rules -e YARA_RULES_DIR=/rules -p 8080:8080 yara-rest-api

Submit a sample

Assuming you have a file sample.bin, run the following command:

curl http://localhost:8080/yara -F "[email protected]" -vvv

Expected output:

{"matchingRules": ["ns1/testns1"]}

About

Simple REST API applying pre-loaded yara rules

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages