Skip to content
/ lw-yara Public
forked from Hestat/lw-yara

Yara Ruleset along with integration to add rules to maldet for scanning Linux servers

License

GPL-3.0 license
0 stars 34 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TheImmortalOne/lw-yara

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
includes
includes
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
install-rules.sh
install-rules.sh
 
 
lw-rules-combined.yar
lw-rules-combined.yar
 
 
lw-rules_index.yar
lw-rules_index.yar
 
 

Repository files navigation

lw-yara

Yara rulset based on php shells and other webserver malware.

scanning using clamav with custom rules

example at https://laskowski-tech.com/2018/04/26/eitest-cleanup-part-2-using-clamav-and-custom-yara-rules/

clamscan -ir -d /root/lw-yara/lw-rules-combined.yar /path/to/scan/

This is still work in progress

Includes an install script to allow for the rules to be added to the maldet scanner.

https://github.com/rfxn/linux-malware-detect

https://www.rfxn.com/projects/linux-malware-detect/

Can be used indepentent of maldet if yara is already installed.

To add to maldet run the install-rules.sh script.

About

Yara Ruleset along with integration to add rules to maldet for scanning Linux servers

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%