Dude, I need to store all my signatures in a DB:
Can you suggest a good DB without size limit?
I know I asked you about this before but I am not interested in SQL, any other options?
Hey Chiroyce, I have another doubt and really need your help. Yesterday I was watching videos about ransomware, and shelllocker was pretty destructive, so this person called "Leo" from the PC security channel booted Windows into safe mode to stop execution of the ransomware. But I use Linux, and after a bit of researching I found out that, like safe mode, it also has a "recovery mode", so I had this crazy idea: what if I make a tool which can display all important information to remove the ransomware process? So I researched a bit more and took a look at "/lib/recovery-mode/"; it had a bunch of commands which could be run in recovery mode, and I saw that some tools such as "system-summary" use other system commands such as "df" in recovery mode. So if I make a shell script and add it to "/lib/recovery-mode" using the proper formats, will it execute in recovery mode or will I end up corrupting GRUB? Also, do you have any idea what "echo $(eval_gettext "some txt here")" is? To print text, those commands use "eval_gettext". I know this message is lengthy, but pls help me!
@Chiroyce Uh ok, and I now have the courage to create the script, I'm working on it now. And I am trying to make a malware scanner, I made an automation which downloads malware from malware bazaar, unpacks it and analyzes it. I have created YARA rules for some malware, shall I use YARA or shall I make my own pattern matching program from start?
@slgsan-encrypted Never mind, right after I posted that message, my automation program deleted itself and all other files, including the YARA rule file, so I have to make my own pattern matching system.
Hi, long time no see, and this project is awesome but it doesn't seem to work for me!
@Chiroyce Yesss, I created my first YARA rule for Bad Rabbit and it detects samples of Bad Rabbit successfully! Whoohooo, now the only thing is how can I store the YARA rules in a DB?
PS: the YARA rules are files
@Chiroyce Bro, I need another help, I have discovered that ica.in pretends to be the Indian Cyber Army and they claim that they operate from Uttar Pradesh, but when I traced out their location it was Wayne, USA. I tried to report it but everywhere it requires my e-mail address and I don't wanna reveal that, pls help. I think they are scammers because a few years ago, when I was young, my uncle's phone was unreachable, so I reached out to them even though their site didn't end with gov.in. I asked them to trace the phone number and they asked for money. Luckily I didn't give them the money, but now I realize that they are scammers. If you want I can give their exact coordinates. Please help.