IRFuzz is a simple scanner with yara rules for document archives or any files.
Install
1. Prerequisites
Linux or OS X
Dependencies are managed with pipenv
. To get started install dependencies and activate virtual environment with following commands:
$ pipenv install
$ pipenv shell
Running IRFuzz – Watchd
Running IRFuzz
$ python -m watchd.watch ~/tools/IR/ -y rules/maldocs --csv csvfile.csv
Supported Features
Custom Extensions
$ python -m watchd.watch ~/tools/IR/ -y rules/maldocs --csv csvfile.csv --extensions .zip,.rar
Alert Matching Yara Rule
Generate token from https://irfuzz.com/tokens
$ python -m watchd.watch ~/tools/IR/ -y rules/maldocs --csv csvfile.csv --extensions .php --token tokenhere
Configure alerts from the website to Telegram or your email.
Delete Matched File
$ python -m watchd.watch ~/tools/IR/ -y rules/maldocs --csv csvfile.csv --delete
Polling (Inotify Not Supported)
$ python -m watchd.watch ~/tools/IR/ -y rules/maldocs --csv csvfile.csv --polling
Adds –poll option to force the use of polling mechanism to detect changes in data directory. Polling is slower than the underlying mechanism in OS to detect changes but it’s necessary with certain file systems such as SMB mounts.
This repository contains tools created by yogSahare0 while learning Python 3 for ethical hacking and penetration testing.…
"NetSecChallenger" provides a suite of automated tools designed for security professionals and network administrators to…
The essential tool for cybersecurity enthusiasts! This guide provides a detailed walkthrough on how to…
Meet "Poodone," the ultimate Python script designed for cybersecurity enthusiasts and professionals alike. Packed with…
The Linux version is no longer supported! The last Linux version is 6.0 that you…
Jin is a hacking command-line tools designed to make your scan port, gathering urls, check…