YaraPcap
Process HTTP Pcaps With YARA
yaraPCAP
Yara Scanner For IMAP Feeds and saved Streams
### What it does:
- Reads a PCAP file and extracts HTTP streams.
- Decompresses any gzip-compressed streams
- Scans every file with YARA
- writes a report.txt
- optionally saves matching files to a Dir
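
The following is an added example, not code from yaraPcap.py, showing why the decompression step has to run before the YARA scan: a rule string cannot match a gzip-compressed body as it appears on the wire. The rule, the `TEST_MARKER` string, the helper names and the sample response are constructed for illustration, and `yara-python` is used only if it is installed.

```python
import gzip
import zlib
try:
    import yara  # yara-python; optional, only scan() needs it
except ImportError:
    yara = None

SAMPLE_RULE = 'rule marker { strings: $a = "TEST_MARKER" condition: $a }'  # constructed

def dechunk(body: bytes) -> bytes:
    """Undo Transfer-Encoding: chunked; a truncated last chunk is kept as-is."""
    out = b""
    while body:
        size_line, _, rest = body.partition(b"\r\n")
        size = int(size_line.split(b";")[0], 16)  # ValueError on a malformed size
        if size == 0:
            break
        out += rest[:size]
        body = rest[size + 2:]  # skip the chunk data and its trailing CRLF
    return out

def decode_body(raw: bytes) -> bytes:
    """Return the body of one HTTP message, dechunked and decompressed."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = {}
    for line in head.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip().lower()
    try:
        if b"chunked" in headers.get(b"transfer-encoding", b""):
            body = dechunk(body)
        if headers.get(b"content-encoding", b"") in (b"gzip", b"x-gzip", b"deflate"):
            # wbits=47 auto-detects gzip/zlib framing; partial input gives partial output
            body = zlib.decompressobj(47).decompress(body)
    except (ValueError, zlib.error):
        pass  # malformed stream: fall back to scanning the bytes decoded so far
    return body

def scan(data: bytes):
    """Names of matching rules, or None when yara-python is not installed."""
    if yara is None:
        return None
    return [m.rule for m in yara.compile(source=SAMPLE_RULE).match(data=data)]

def build_sample() -> bytes:
    """Constructed response: a gzip body sent as a single chunk."""
    gz = gzip.compress(b"<html>" + b"TEST_MARKER " * 20 + b"</html>")
    return (b"HTTP/1.1 200 OK\r\nContent-Encoding: gzip\r\nTransfer-Encoding: chunked"
            b"\r\n\r\n" + b"%x\r\n" % len(gz) + gz + b"\r\n0\r\n\r\n")
```
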
### Usage
- Simple report: `python yaraPcap.py -r sampleReport.txt sample.yar sample.pcap`
- Save matching files: `python yaraPcap.py -s SampleDir sample.yar sample.pcap`
### Requirements
- Python
- Yara / PyYara
- TCPFlow 1.3 - https://github.com/simsong/tcpflow
- On Windows, edit the script (line 29) to point to your copy of the tcpflow binary.
### ToDo
- Save Report as XML
- Add More Detail to the Report
