From ff0c609ce15299fcd0da5f5b471d3519495977ff Mon Sep 17 00:00:00 2001
From: Julien "shaddai" Reveret
Date: Thu, 8 Oct 2015 17:44:47 +0200
Subject: reorganized git repo
---
generate_whitelist.py | 35 -----------------------------------
1 file changed, 35 deletions(-)
delete mode 100644 generate_whitelist.py
(limited to 'generate_whitelist.py')
diff --git a/generate_whitelist.py b/generate_whitelist.py
deleted file mode 100644
index 791bab9..0000000
--- a/generate_whitelist.py
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/usr/bin/env python
-
-import fnmatch
-import hashlib
-import os
-import sys
-
-try:
- import yara
-except ImportError:
- print 'Please install python-yara'
- sys.exit(0)
-
-if len(sys.argv) != 3:
- print 'Usage: %s name_of_the_rule_and_version folder_to_scan' % sys.argv[0]
-
-rules = yara.compile('./malwares.yara', includes=True, error_on_warning=True)
-
-output_list = list()
-
-for cpt, (root, dirnames, filenames) in enumerate(os.walk(sys.argv[2])):
- for filename in fnmatch.filter(filenames, '*.ph*'):
- fname = os.path.join(root, filename)
- if os.stat(fname).st_size:
- matches = rules.match(os.path.join(root, filename), fast=True)
- if matches:
- matches = matches.pop() # only one match, since we're scaning files
- output_list.append('hash.sha1(0, filename) == %s or // %s' % (hashlib.sha1(fname).hexdigest(), fname))
-
-
-output_rule = 'private rule %s\n{\n\tcondition:\n\t\t/* %s */\n\t\t' % (sys.argv[1].split(' ')[0], sys.argv[1])
-output_list.append(output_list.pop().replace(' or ', ' '))
-output_rule += '\n\t\t'.join(output_list)
-output_rule +='\n}'
-print output_rule
--
cgit v1.3