MISP
/
misp-objects
mirror of https://github.com/MISP/misp-objects
2
0
Fork 0
Code Issues Releases Wiki Activity

yabin updated following Andras feedback

pull/26/merge
Alexandre Dulaunoy 2017-09-06 16:13:02 +02:00
parent 317fd559d6
commit 8814be9527
1 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
objects/yabin/definition.json
View File

@ -3,7 +3,7 @@
"uuid": "35b4dd03-4fa9-4e0e-97d8-a2867b11c956", "uuid": "35b4dd03-4fa9-4e0e-97d8-a2867b11c956",
"meta-category": "file", "meta-category": "file",
"description": "yabin.py generates Yara rules from function prologs, for matching and hunting binaries. ref: https://github.com/AlienVault-OTX/yabin", "description": "yabin.py generates Yara rules from function prologs, for matching and hunting binaries. ref: https://github.com/AlienVault-OTX/yabin",
"version": 1, "version": 2,
"attributes": { "attributes": {
"yara": { "yara": {
"misp-attribute": "yara", "misp-attribute": "yara",
@ -18,19 +18,17 @@
"description": "Wide yara rule generated from -yh." "description": "Wide yara rule generated from -yh."
}, },
"whitelist": { "whitelist": {
"misp-attribute": "text", "misp-attribute": "comment",
"ui-priority": 0, "ui-priority": 0,
"disable_correlation": true,
"description": "Whitelist name used to generate the rules." "description": "Whitelist name used to generate the rules."
}, },
"text": { "comment": {
"misp-attribute": "text", "misp-attribute": "comment",
"ui-priority": 0, "ui-priority": 0,
"disable_correlation": true,
"description": "A description of Yara rule generated." "description": "A description of Yara rule generated."
}, },
"version": { "version": {
"misp-attribute": "url", "misp-attribute": "comment",
"ui-priority": 0, "ui-priority": 0,
"description": "yabin.py and regex.txt version used for the generation of the yara rules." "description": "yabin.py and regex.txt version used for the generation of the yara rules."
} }