[request] Yara plugin

Question

[request] Yara plugin

ctmayhew opened this issue 7 years ago · 3 comments

Would be great if you could make a YARA plugin. For example run x number of YARA rules against the E01 file.

Answer 1 · 2018-01-03T12:47:28.000Z

Hi Chris.

John Lukach created a plugin for YARA a few years ago. Have you tried that out to see if it will meet your needs? You can find the plugin here https://github.com/jblukach/AutopsyModules along with the other plugins that he has written.

Mark

Answer 2 · 2018-01-03T12:54:26.000Z

Ah thank you !

Answer 3 · 2018-01-03T13:10:25.000Z

Hi Chris,

If that plugin does not work or you need something more let me know. Also if you have any more ideas for plugins you can fill out a very very short survey about your need/request here and it can be added to the list of plugins I am creating. https://www.surveymonkey.com/r/MKX732H.

Mark