From 7b475973aa4ef29e26469e3aa03134f1f3deb02e Mon Sep 17 00:00:00 2001 From: Lisa Date: Sun, 23 Mar 2025 13:20:57 +0100 Subject: [PATCH] V4 : Yara rules implementation --- README.md | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index e3a767e..e886e84 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,13 @@ -# Scanner : V3 +# Scanner : V4 -Node.JS based file scanner using patterns and OLLAMA (llama3.2:1b) integration for file/code analysis. +Node.JS based file scanner using YARA rules and OLLAMA (llama3.2:1b) integration for file/code analysis. ## Setup Install axios ```js -npm i axios +npm i axios @automattic/yara ``` Edit variables in code aiprompt, patterns, pathtoscan, llamaendpoint, etc. @@ -38,10 +38,13 @@ We have few extra options available. 1. Discord webhook integration will send every file analysis which might appear few times per request of AI, it results in a ratelimit and no messages being sent or an error. 2. If OLLAMA is self hosted there is chance of it being overloaded, if it is being hosted externally and on paid plan there is chance of it eating a lot of money. 3. We do not recommend scanning nodemodules, cache files, etc. Please use --ignorefolders or --ignorefiles tag to exclude them. +4. Compiled files might not be able to get scanned. (NOT TESTED) ## Known issues -1. Some OLLAMA models might refuse to analyse file for malware content. +1. Some OLLAMA models might refuse to analyse file for malware content. + > Suggested fix by inxtagram: + `For the first issue Some OLLAMA models might refuse to analyse file for malware content, you can expect better results by using abliterated model. huihui_ai/llama3.2-abliterate:1b might be suit on your needs` 2. Scanning too much files might result in huge console spam and AI/Discord integration errors. COPYRIGHT CC-BY-SA-4.0, CONTACT: lisahonkay@gmail.com \ No newline at end of file
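Review bot: In the first README hunk (@@ -1,13 +1,13 @@), the Setup section no longer matches the switch to YARA. The heading still reads "Install axios" although the command is now `npm i axios @automattic/yara`, and that shell command sits in a fence tagged `js`. The unchanged line "Edit variables in code aiprompt, patterns, pathtoscan, llamaendpoint, etc." still lists `patterns` and says nothing about where the YARA rules are loaded from or how a user adds their own. Suggest renaming the heading to cover both dependencies, tagging the fence as a shell block, and adding one line that names the rule file or directory and the variable that points to it. The diffstat also shows only README.md changing, so the subject "V4 : Yara rules implementation" describes more than this commit contains. Either include the scanner change or retitle it as a README update.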
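Review bot: In the second README hunk (@@ -38,10 +38,13 @@), the suggested fix added under Known issues item 1 is wrapped entirely in backticks, so a full sentence of prose renders as inline code, and it recommends `huihui_ai/llama3.2-abliterate:1b` without saying which setting selects the model, while the introduction still names llama3.2:1b as the integration. Suggest putting the text in the blockquote as plain prose, correcting "might be suit on your needs" to "might suit your needs", and naming the variable a user changes to switch models. The new item 4, "Compiled files might not be able to get scanned. (NOT TESTED)", should say what the scanner does with such a file (skips it, errors, or still sends it to the model) so users know whether a clean result covers binaries. The hunk also still ends with "\ No newline at end of file", so add the trailing newline while touching the last line's neighbourhood.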