import sys
from rules import sigma
from rules import clamav
from rules import yara
from rules import suricata
if __name__ == "__main__":
    # Registry of collector pipeline classes. Each entry is instantiated
    # with no arguments and executed once, in the order listed here.
    RULES_REGISTRY = [
        # --- Sigma ---
        sigma.SigmaHQImproverPipeline,
        sigma.SigmaSamuraiMDRImproverPipeline,
        sigma.SigmaMbabinskiImproverPipeline,
        sigma.P4T12ICKSigmaImproverPipeline,
        # --- YARA ---
        yara.ProtectionsArtifactsYara,
        yara.YaraRulesYara,
        yara.XumeiquerForensicsYara,
        yara.ReversinglabsYaraRules,
        yara.AdvancedThreatResearchYara,
        yara.BartblazeYaraRules,
        yara.GodaddyYaraRules,
        yara.SupportIntelligenceIcewaterYara,
        yara.Jeff0FalltradesSignaturesYara,
        yara.TjnelRepoYara,
        yara.JpcertccJpcertYara,
        yara.MikesxrsOpenSourceYaraRules,
        yara.FboldewinYaraRules,
        yara.H3x2bYaraRules,
        yara.RoadwyDefenderYara,
        yara.MthchtThreatHuntingKeywordsYara,
        yara.Neo23x0SignatureBaseYara,
        yara.MalpediaSignatorRulesYara,
        yara.BaderjYara,
        yara.DeadbitsYaraRules,
        yara.PmelsonYaraRules,
        yara.SbousseadenYaraHunts,
        yara.EmbeeResearchYaraRules,
        yara.RussianPanda95YaraRules,
        yara.AilProjectAilYaraRules,
        yara.MalgamyYaraRules,
        yara.ElceefYaraRulz,
        yara.TenableYaraRules,
        yara.Dr4k0niaYaraRules,
        yara.Umair9747YaraRules,
        # --- Suricata ---
        suricata.SudohyakSuricataPipeline,
        suricata.OISFSuricataPipeline,
        # --- ClamAV ---
        clamav.ClamAVPipeline,
    ]

    for pipeline_cls in RULES_REGISTRY:
        collector = pipeline_cls()
        # NOTE(review): execute() returns a (status, message) pair, but only
        # the message is used. The status is discarded, so a collector that
        # reports a failure is indistinguishable from one that succeeded
        # unless someone reads the printed output. There is also no
        # try/except here, so an exception raised by one pipeline stops the
        # remaining ones from running.
        _status, message = collector.execute()
        print(message)

    # NOTE(review): the exit status is 0 regardless of what the pipelines
    # returned. A scheduler or CI job keyed on the exit code will treat a
    # run with failed collections as healthy, which can leave detection
    # content stale without any alert. Confirm whether that is intended.
    sys.exit(0)