Add Yara as a file scanner, in addition to ClamAV and VirusTotal.
Also going to tweak those so that we can run more than just one scanner (e.g., both Yara and ClamAV, or all 3, or whatever).
mmguero added labels on Aug 18, 2020: enhancement (New feature or request); carving (Relating to carving (extraction) of files from traffic and the scanning of those files); external (Depends on a bug or feature external to this project)
* Carved file scanning improvements
  * Multiple file scanners can now be enabled concurrently (previously only one at a time was allowed)
  * [Yara](https://github.com/VirusTotal/yara) [added](idaholab#148) as carved file scanner feeding signatures.log with [Florian Roth](https://github.com/Neo23x0)'s [Signature-Base](https://github.com/Neo23x0/signature-base) Yara ruleset enabled by default and the ability to provide other yara signatures under `yara/rules` under the Malcolm directory (see #148 and #14)
* Bumped versions
  * Moloch [v2.4.0](https://github.com/aol/moloch/blob/v2.4.0/CHANGELOG#L21-L42)
* Bug fixes
  * #150 docker-compose having issues with start and logs under macOS
  * Hedgehog was missing new environment variables for finer control of Zeek local policy behavior
  * miscellaneous tweaks to Docker and ISO images (mainly for file size)
see issue #14