UrsaDB

A 3gram search engine for querying terabytes of data in milliseconds. Optimized for working with binary files (for example, malware dumps).

Created in CERT.PL. Originally by Jarosław Jedynak (tailcall.net), extended and improved by Michał Leszczyński.

This repository is only for UrsaDB project (ngram database). See CERT-Polska/mquery for more user friendly UI.

Installation

mkdir /opt/ursadb
ursadb_new /opt/ursadb/db.ursa

ursadb /opt/ursadb/db.ursa

$ ursacli
[2020-04-13 18:16:36.511] [info] Connected to UrsaDB v1.3.0 (connection id: 006B8B4571)
ursadb>

ursadb> index "/opt/samples" with [gram3, text4, wide8, hash4];

Now you can perform queries. For example, match all files with three null bytes:

ursadb> select {00 00 00};

Read the syntax documentation to learn more about available commands.

More documentation can be found in the docs directory.

You can also read the hosted version here: cert-polska.github.io/ursadb.

If you have any problems, bugs or feature requests related to UrsaDB, you're encouraged to create a GitHub issue.

Name		Name	Last commit message	Last commit date
Latest commit History 256 Commits
.github/workflows		.github/workflows
cmake		cmake
contrib		contrib
docs		docs
extern		extern
libursa		libursa
src		src
teste2e		teste2e
.clang-format		.clang-format
.dockerignore		.dockerignore
.gitignore		.gitignore
.gitmodules		.gitmodules
CMakeLists.txt		CMakeLists.txt
Dockerfile		Dockerfile
INSTALL.md		INSTALL.md
LICENSE		LICENSE
README.md		README.md
RELEASES.md		RELEASES.md
_config.yml		_config.yml
entrypoint.sh		entrypoint.sh