
Yara fixes #1608

Merged
0ssigeno merged 11 commits into develop from yara_fixes on Mar 21, 2023

Conversation

@0ssigeno (Contributor)

No description provided.

@0ssigeno 0ssigeno requested a review from mlodic March 21, 2023 13:39
@codecov bot commented Mar 21, 2023

Codecov Report

Merging #1608 (c92ce75) into develop (aa8820f) will increase coverage by 10.23%.
The diff coverage is 79.23%.

❗ Current head c92ce75 differs from pull request most recent head fed7d80. Consider uploading reports for the commit fed7d80 to get more accurate results


@@             Coverage Diff              @@
##           develop    #1608       +/-   ##
============================================
+ Coverage    66.75%   76.98%   +10.23%     
============================================
  Files           95      214      +119     
  Lines         3706     8748     +5042     
  Branches       519     1038      +519     
============================================
+ Hits          2474     6735     +4261     
- Misses         941     1525      +584     
- Partials       291      488      +197     
Impacted Files Coverage Δ
...pp/analyzers_manager/file_analyzers/vt/vt3_scan.py 0.00% <0.00%> (ø)
..._manager/observable_analyzers/dns/dns_responses.py 71.42% <ø> (ø)
api_app/serializers.py 81.62% <ø> (+13.20%) ⬆️
api_app/signals.py 52.63% <ø> (ø)
api_app/urls.py 83.33% <ø> (-16.67%) ⬇️
api_app/views.py 89.53% <ø> (ø)
api_app/analyzers_manager/file_analyzers/clamav.py 35.71% <35.71%> (ø)
...i_app/analyzers_manager/file_analyzers/suricata.py 41.17% <41.17%> (ø)
...nalyzers_manager/observable_analyzers/pulsedive.py 41.89% <41.89%> (ø)
...analyzers_manager/file_analyzers/signature_info.py 50.00% <42.85%> (ø)
... and 181 more

... and 25 files with indirect coverage changes


Legend: Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update b9c3462...fed7d80.

@0ssigeno 0ssigeno merged commit 7048952 into develop Mar 21, 2023
@0ssigeno 0ssigeno deleted the yara_fixes branch March 21, 2023 14:49
mlodic added a commit that referenced this pull request Mar 27, 2023
* fix intelowl server_name

* managed 404 result for Crowdsec analyzer

* Bump whitenoise from 6.3.0 to 6.4.0 in /requirements (#1567)

Bumps [whitenoise](https://github.com/evansd/whitenoise) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/evansd/whitenoise/releases)
- [Changelog](https://github.com/evansd/whitenoise/blob/main/docs/changelog.rst)
- [Commits](evansd/whitenoise@6.3.0...6.4.0)

---
updated-dependencies:
- dependency-name: whitenoise
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump intezer-sdk from 1.15.1 to 1.16.1 in /requirements (#1568)

Bumps [intezer-sdk](https://github.com/intezer/analyze-python-sdk) from 1.15.1 to 1.16.1.
- [Release notes](https://github.com/intezer/analyze-python-sdk/releases)
- [Changelog](https://github.com/intezer/analyze-python-sdk/blob/master/CHANGES)
- [Commits](intezer/analyze-python-sdk@v1.15.1...v1.16.1)

---
updated-dependencies:
- dependency-name: intezer-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* restored pull request templates positions

* Registration Page #1284 (#1413)

* added registration - context_processors problem

* changes

* test

* changes

* fixed registration bugs and adjusted the docs

* changes

* changed pull_request_automation

* changed env_file_app_template

* adjusted frontend env variable and documentation

* fixed register button and added SMTP backend

* added form and password validation

* adjusted docs

* adjusted password validation

* api_app/core/dataclasses.py

* added button to reset password

* Adjusted frontend validator and backend test_auth

* updated frontend login test

* updated frontend login test

* updated frontend login test

* adjusted validator

* added frontend tests

* adjusted frontend tests

* ran prettier:write

---------

Co-authored-by: Matteo Lodi <[email protected]>
Co-authored-by: Daniele Rosetti <[email protected]>

* fix initialize.sh docker condition (#1580)

* Bump google-cloud-webrisk from 1.10.0 to 1.11.0 in /requirements (#1564)

Bumps [google-cloud-webrisk](https://github.com/googleapis/python-webrisk) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/googleapis/python-webrisk/releases)
- [Changelog](https://github.com/googleapis/python-webrisk/blob/main/CHANGELOG.md)
- [Commits](googleapis/python-webrisk@v1.10.0...v1.11.0)

---
updated-dependencies:
- dependency-name: google-cloud-webrisk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump quark-engine from 22.12.1 to 23.2.1 in /requirements (#1565)

Bumps [quark-engine](https://github.com/quark-engine/quark-engine) from 22.12.1 to 23.2.1.
- [Release notes](https://github.com/quark-engine/quark-engine/releases)
- [Commits](ev-flow/quark-engine@v22.12.1...v23.2.1)

---
updated-dependencies:
- dependency-name: quark-engine
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* [analyzer] hunter how (#1579)

* fixed precommit errors

* fixed usage.md

* changed analyzer config

* precommits

* changed the name for hunteIo

* modified mock test

---------

Co-authored-by: shivam <[email protected]>

* Bump django-ses from 3.1.0 to 3.3.0 in /requirements (#1585)

Bumps [django-ses](https://github.com/django-ses/django-ses) from 3.1.0 to 3.3.0.
- [Release notes](https://github.com/django-ses/django-ses/releases)
- [Changelog](https://github.com/django-ses/django-ses/blob/master/CHANGES.md)
- [Commits](django-ses/django-ses@v3.1.0...v3.3.0)

---
updated-dependencies:
- dependency-name: django-ses
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* fixing AWS IAM Auth and created specific AWS settings file

* tweak last commit

* removed AWS_REGION duplicate

* adjusted AWS SQS integration

* adjusting order of settings

* fix default queue

* added SQS package for Celery

* updated boto and added new Yara rule repo: https://github.com/elceef/yara-rulz

* added SECURITY.md

* added OpenSSF Best Practices badge + added permissions read to workflows

* adjusted DNS0 analyzers (#1593)

* adjusted DNS0 analyzers

* fixed boto3 version

* adjusted code ql

* adjusted error handling in PDF_Info

* added declaration of Slack related settings

* added support for Docker Analyzers in Cluster environments

* fixed typo in codeql

* fixing and updating qiling and codeql

* Fix "value too great for base" error (#1599)

Signed-off-by: 0ssigeno <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: 0ssigeno <[email protected]>
Co-authored-by: Matteo Lodi <[email protected]>
Co-authored-by: Simone Berni <[email protected]>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: drosetti <[email protected]>
Co-authored-by: Abheek Tripathy <[email protected]>
Co-authored-by: AshirRashid <[email protected]>
Co-authored-by: Karanjot Singh <[email protected]>
Co-authored-by: 0ssigeno <[email protected]>
Co-authored-by: Daniele Rosetti <[email protected]>
Co-authored-by: Siddhanth <[email protected]>
Co-authored-by: Parth Madan <[email protected]>
Co-authored-by: Shivam Purohit <[email protected]>
Co-authored-by: shivam <[email protected]>

* adjusted paths in malware tools analyzers + added message to initialize.sh + fixed ThugUrl + managed Yara edge case

* added libcurl for codeql

* Fix logrotate copy command (#1600)

* Fix logrotate copy

cp: /etc/logrotate.d is not a directory

* Remove unnecessary directory context

---------

Signed-off-by: 0ssigeno <[email protected]>
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: 0ssigeno <[email protected]>
Co-authored-by: Matteo Lodi <[email protected]>
Co-authored-by: Simone Berni <[email protected]>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: drosetti <[email protected]>
Co-authored-by: Abheek Tripathy <[email protected]>
Co-authored-by: AshirRashid <[email protected]>
Co-authored-by: Karanjot Singh <[email protected]>
Co-authored-by: 0ssigeno <[email protected]>
Co-authored-by: Daniele Rosetti <[email protected]>
Co-authored-by: Siddhanth <[email protected]>
Co-authored-by: Parth Madan <[email protected]>
Co-authored-by: Shivam Purohit <[email protected]>
Co-authored-by: shivam <[email protected]>

* incremented logging for yara update and for broadcast update + adjust to emailrepio analyzer

* incremented logging for Yara analyzer

* forcing .fifo in case of AWS_SQS is used

* adjusted crons default queue

* Cron and command (#1603)

Signed-off-by: 0ssigeno <[email protected]>

* Fixes #1404: Make Observable copy-pastable (#1578)

* fixes-observablecopypaste

* reviewing changes

* proxy-fix

* Added chance to use NFS instead of local storage (#1604)

* Support for nfs

Signed-off-by: 0ssigeno <[email protected]>

* Fix signal

Signed-off-by: 0ssigeno <[email protected]>

* Fixing nfs

Signed-off-by: 0ssigeno <[email protected]>

* Typo

Signed-off-by: 0ssigeno <[email protected]>

* Rename

Signed-off-by: 0ssigeno <[email protected]>

* Added docs

Signed-off-by: 0ssigeno <[email protected]>

* Black

Signed-off-by: 0ssigeno <[email protected]>

* Fix order

Signed-off-by: 0ssigeno <[email protected]>

* Added celery beat

Signed-off-by: 0ssigeno <[email protected]>

* Typo

Signed-off-by: 0ssigeno <[email protected]>

* Fifo case

Signed-off-by: 0ssigeno <[email protected]>

* Typo

Signed-off-by: 0ssigeno <[email protected]>

---------

Signed-off-by: 0ssigeno <[email protected]>

* Bump drf-spectacular from 0.25.1 to 0.26.1 in /requirements (#1607)

Bumps [drf-spectacular](https://github.com/tfranzel/drf-spectacular) from 0.25.1 to 0.26.1.
- [Release notes](https://github.com/tfranzel/drf-spectacular/releases)
- [Changelog](https://github.com/tfranzel/drf-spectacular/blob/master/CHANGELOG.rst)
- [Commits](tfranzel/drf-spectacular@0.25.1...0.26.1)

---
updated-dependencies:
- dependency-name: drf-spectacular
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump django-celery-beat from 2.4.0 to 2.5.0 in /requirements (#1605)

Bumps [django-celery-beat](https://github.com/celery/django-celery-beat) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/celery/django-celery-beat/releases)
- [Changelog](https://github.com/celery/django-celery-beat/blob/main/Changelog)
- [Commits](celery/django-celery-beat@v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: django-celery-beat
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump django-celery-results from 2.4.0 to 2.5.0 in /requirements (#1596)

Bumps [django-celery-results](https://github.com/celery/django-celery-results) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/celery/django-celery-results/releases)
- [Changelog](https://github.com/celery/django-celery-results/blob/main/Changelog)
- [Commits](celery/django-celery-results@v2.4.0...v2.5.0)

---
updated-dependencies:
- dependency-name: django-celery-results
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matteo Lodi <[email protected]>

* removed pinned requests

* Yara fixes & speedup (#1608)

* Added global check

Signed-off-by: 0ssigeno <[email protected]>

* Yara fixes

Signed-off-by: 0ssigeno <[email protected]>

* Reverted global

Signed-off-by: 0ssigeno <[email protected]>

* SUPER FAST

Signed-off-by: 0ssigeno <[email protected]>

* Fix

Signed-off-by: 0ssigeno <[email protected]>

* Fix

Signed-off-by: 0ssigeno <[email protected]>

* Logs

Signed-off-by: 0ssigeno <[email protected]>

* Removed unused variable

Signed-off-by: 0ssigeno <[email protected]>

* Class mgmt

Signed-off-by: 0ssigeno <[email protected]>

* Removed unused attribute

Signed-off-by: 0ssigeno <[email protected]>

* Fixed docs

Signed-off-by: 0ssigeno <[email protected]>

---------

Signed-off-by: 0ssigeno <[email protected]>

* Malware tools analyzers refactor (#1609)

* updated malware_tools_analyzers image and refactored related analyzers

* fixes

* fixed fileinfo qiling and strings

* linters

* deepsource

* fix NFS flag

* Message group Id (#1610)

* Uuid

Signed-off-by: 0ssigeno <[email protected]>

* Blake

Signed-off-by: 0ssigeno <[email protected]>

---------

Signed-off-by: 0ssigeno <[email protected]>

* Update_repositories script is no longer necessary, since you can have the same result using a shared nfs

Signed-off-by: 0ssigeno <[email protected]>

* Corner case

Signed-off-by: 0ssigeno <[email protected]>

* Adding global config on worker connect

Signed-off-by: 0ssigeno <[email protected]>

* Fix owner

Signed-off-by: 0ssigeno <[email protected]>

* Fix path compiled

Signed-off-by: 0ssigeno <[email protected]>

* adjustments to Thug and malware_tools_analyzers

* Adding url in match

Signed-off-by: 0ssigeno <[email protected]>

* Added rule_url to every match

Signed-off-by: 0ssigeno <[email protected]>

* set_permissions is now recursive

Signed-off-by: 0ssigeno <[email protected]>

* upgraded Django to 4.1 and added DB options to better manage connections (#1613)

* adjusts to Quad9, Classic DNS, MWdb and OTX analyzers (#1612)

* adjusts to Quad9 and Classic DNS analyzers

* fixes to mwdb and to last commit

* adjusted OTX with timeout

* managed edge case

* adjust

* tweak

* incremented logging

* removed Manalyze

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: 0ssigeno <[email protected]>
Signed-off-by: 0ssigeno <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Martina Carella <[email protected]>
Co-authored-by: Daniele Rosetti <[email protected]>
Co-authored-by: ben-ce <[email protected]>
Co-authored-by: Shivam Purohit <[email protected]>
Co-authored-by: shivam <[email protected]>
Co-authored-by: Kyle Taylor <[email protected]>
Co-authored-by: Simone Berni <[email protected]>
Co-authored-by: code-review-doctor[bot] <72320148+code-review-doctor[bot]@users.noreply.github.com>
Co-authored-by: drosetti <[email protected]>
Co-authored-by: Abheek Tripathy <[email protected]>
Co-authored-by: AshirRashid <[email protected]>
Co-authored-by: Karanjot Singh <[email protected]>
Co-authored-by: 0ssigeno <[email protected]>
Co-authored-by: Siddhanth <[email protected]>
Co-authored-by: Parth Madan <[email protected]>
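The "value too great for base" error named in the squashed commit message above is the shell's complaint when arithmetic expansion is handed a zero-padded number: bash and dash parse a token with a leading zero as octal, so "08" and "09" are invalid. The script below is an added illustration of that failure mode and of a portable fix; it is not IntelOwl's script (the page does not show which variable triggered the error there), and the sample inputs are constructed.

```shell
#!/bin/sh
# Added example, not IntelOwl code: the "value too great for base" failure
# mode of shell arithmetic and a portable way around it.
#
# $(( 08 + 1 )) fails in bash with
#   bash: 08: value too great for base (error token is "08")
# because a leading zero selects octal, where the digits 8 and 9 do not exist.
# Zero-padded fields like `date +%m` output or version components hit this.

# Naive form: passes the raw token to arithmetic; breaks on "08" and "09".
increment_naive() {
    echo $(( $1 + 1 ))
}

# Normalise a non-negative integer string to plain decimal by stripping
# leading zeros ("08" -> "8", "00" -> "0", "10" -> "10"). Rejects anything
# that is not all digits instead of letting the shell choke on it later.
to_decimal() {
    case $1 in
        ''|*[!0-9]*)
            echo "to_decimal: not a non-negative integer: '$1'" >&2
            return 1 ;;
    esac
    printf '%s' "$1" | sed 's/^0*\([0-9]\)/\1/'
}

# Fixed form: sanitise first, then do arithmetic.
increment() {
    n=$(to_decimal "$1") || return 1
    echo $(( n + 1 ))
}

# Constructed inputs: zero-padded two-digit fields as `date +%m` would print.
for v in 01 07 08 09 10; do
    # The naive call runs in a subshell: some shells (dash) abort the whole
    # script on an arithmetic parse error, so keep that away from the parent.
    if (increment_naive "$v") 2>/dev/null; then
        :
    else
        echo "naive: '$v' rejected by shell arithmetic (leading zero => octal)"
    fi
    echo "fixed: $v -> $(increment "$v")"
done
```

When bash is guaranteed, `$(( 10#$v ))` forces base 10 without the sed call, but that syntax is not POSIX; the `sed` strip above works in dash as well as bash, which matters for container entrypoints that may run under `/bin/sh`.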