Lisa_Stuff/Scanner
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Scanner/README.md
Lisa 9df1678eee Update README.md
2025-03-23 13:23:27 +01:00

54 lines
2.0 KiB
Markdown
Raw Permalink Blame History

# Scanner : V4
Node.JS based file scanner using YARA rules and OLLAMA (llama3.2:1b) integration for file/code analysis.
> Seeking for V3 legacy where we used other methods for scanning and detecting patterns? Check http://lhhomeserver.ddns.net:3000/Lisa_Stuff/Scanner/src/branch/legacy/
## Setup
Install axios
```js
npm i axios @automattic/yara
```
Edit variables in code aiprompt, extension, pathtoscan, llamaendpoint, etc.
Upload your YARA rules inside signatures folder. Supported extensions for YARA rules are: .yar and .yara
Run code
```js
node scanner.js
```
If you want to quickly change path use:
```js
node scanner.js --pathtoscan="./your/path/goes/here"
```
## Extra Options
We have few extra options available.
1. `--pathtoscan="./your/path/goes/here"` | Scans specific path (can be set through code variable!)
2. `--ignorefolders="some,folder,to,ignore,and,not,scan"` | Ignores specific folder(s) in that path (CLI ONLY!)
3. `--ignorefiles="some,files,to,ignore,and,not,scan"` | Ignores specific file(s) in that path (CLI ONLY!)
## Known limitations
1. Discord webhook integration will send every file analysis which might appear few times per request of AI, it results in a ratelimit and no messages being sent or an error.
2. If OLLAMA is self hosted there is chance of it being overloaded, if it is being hosted externally and on paid plan there is chance of it eating a lot of money.
3. We do not recommend scanning nodemodules, cache files, etc. Please use --ignorefolders or --ignorefiles tag to exclude them.
4. Compiled files might not be able to get scanned. (NOT TESTED)
## Known issues
1. Some OLLAMA models might refuse to analyse file for malware content.
> Suggested fix by inxtagram:
`For the first issue Some OLLAMA models might refuse to analyse file for malware content, you can expect better results by using abliterated model. huihui_ai/llama3.2-abliterate:1b might be suit on your needs`
2. Scanning too much files might result in huge console spam and AI/Discord integration errors.
COPYRIGHT CC-BY-SA-4.0, CONTACT: lisahonkay@gmail.com
Reference in New Issue View Git Blame Copy Permalink