From e2d12ad6a33255a9bf6ecca59aeac6911673d94b Mon Sep 17 00:00:00 2001
From: cccs-gm <56171373+cccs-gm@users.noreply.github.com>
Date: Tue, 21 Jul 2020 09:55:06 -0400
Subject: [PATCH] Updated the README.md and yara_validator_cli.py - Fixed a type in the new contents of the -h flag - Updated the README.md to include the new help information from the updated yara_validator_cli.py
---
README.md | 94 +++++++++++++++++++------------------------
yara_validator_cli.py | 2 +-
2 files changed, 43 insertions(+), 53 deletions(-)
diff --git a/README.md b/README.md
index f239128..99956ce 100644
--- a/README.md
+++ b/README.md
@@ -79,39 +79,34 @@ yara_validator_cli.py -h | |__| |__| |___ ___) | | |/ ___ \| _ < / ___ \ \____\____\____|____/ |_/_/ \_\_| \_\/_/ \_\ -usage: yara_validator_cli.py [-h] [-r] [-n] [-v] [-vv] [-f] [-w] [-s] [-g] +usage: yara_validator_cli.py [-h] [-r] [-n] [-v] [-vv] [-f] [-w] [-s] [-i | -c] paths [paths ...] -CCCS YARA script to run the CCCS YARA validator, if the -i or -c flags are not -provided no changes will be made to the files. The default behavior without -either of the -i or -c flags is to return the validity of the file or files if -the -i or -c flag had been used. Use the -g flag to check the current validity -of the file or files. +CCCS YARA script to run the CCCS YARA validator, use the -i or -c flags to +generate the id, fingerprint, version, first_imported, or last_modified (if +not already present) and add them to the file. positional arguments: - paths A list of files or folders to be analyzed. + paths A list of files or folders to be analyzed. optional arguments: - -h, --help show this help message and exit - -r, --recursive Recursively search folders provided. - -n, --no-changes Makes no changes and outputs potential results to the - output. - -v, --verbose Verbose mode, will print why a rule was invalid. - -vv, --very-verbose Very-verbose mode, will printout what rule is about to - be processed, the invalid rules, the reasons they are - invalid and all contents of the rule. - -f, --fail Fail mode, only prints messages about invalid rules. - -w, --warnings This mode will ignore warnings and proceed with other - behaviors if the rule is valid. - -s, --standard This prints the YARA standard to the screen. - -g, --generate-values - Generate-values, this is true by default use this flag - to prevent values from being generated. - -i, --in-place Modifies valid files in place, mutually exclusive with - -c. - -c, --create-files Writes a new file for each valid file, mutually - exclusive with -i. 
+ -h, --help show this help message and exit + -r, --recursive Recursively search folders provided. + -n, --no-changes Makes no changes and outputs potential results to the + output. + -v, --verbose Verbose mode, will print why a rule was invalid. + -vv, --very-verbose Very-verbose mode, will printout what rule is about to + be processed, the invalid rules, the reasons they are + invalid and all contents of the rule. + -f, --fail Fail mode, only prints messages about invalid rules. + -w, --warnings This mode will ignore warnings and proceed with other + behaviors if the rule is valid. + -s, --standard This prints the YARA standard to the screen. + -i, --in-place Modifies valid files in place, mutually exclusive with + -c. + -c, --create-files Writes a new file for each valid file, mutually + exclusive with -i. ``` 
@@ -197,38 +192,33 @@ yara_validator_cli.py -h | |__| |__| |___ ___) | | |/ ___ \| _ < / ___ \ \____\____\____|____/ |_/_/ \_\_| \_\/_/ \_\ -usage: yara_validator_cli.py [-h] [-r] [-n] [-v] [-vv] [-f] [-w] [-s] [-g] +usage: yara_validator_cli.py [-h] [-r] [-n] [-v] [-vv] [-f] [-w] [-s] [-i | -c] paths [paths ...] -CCCS YARA script to run the CCCS YARA validator, if the -i or -c flags are not -provided no changes will be made to the files. The default behavior without -either of the -i or -c flags is to return the validity of the file or files if -the -i or -c flag had been used. Use the -g flag to check the current validity -of the file or files. +CCCS YARA script to run the CCCS YARA validator, use the -i or -c flags to +generate the id, fingerprint, version, first_imported, or last_modified (if +not already present) and add them to the file. positional arguments: - paths A list of files or folders to be analyzed. + paths A list of files or folders to be analyzed. optional arguments: - -h, --help show this help message and exit - -r, --recursive Recursively search folders provided. - -n, --no-changes Makes no changes and outputs potential results to the - output. - -v, --verbose Verbose mode, will print why a rule was invalid. - -vv, --very-verbose Very-verbose mode, will printout what rule is about to - be processed, the invalid rules, the reasons they are - invalid and all contents of the rule. - -f, --fail Fail mode, only prints messages about invalid rules. - -w, --warnings This mode will ignore warnings and proceed with other - behaviors if the rule is valid. - -s, --standard This prints the YARA standard to the screen. - -g, --generate-values - Generate-values, this is true by default use this flag - to prevent values from being generated. - -i, --in-place Modifies valid files in place, mutually exclusive with - -c. - -c, --create-files Writes a new file for each valid file, mutually - exclusive with -i. 
+ -h, --help show this help message and exit + -r, --recursive Recursively search folders provided. + -n, --no-changes Makes no changes and outputs potential results to the + output. + -v, --verbose Verbose mode, will print why a rule was invalid. + -vv, --very-verbose Very-verbose mode, will printout what rule is about to + be processed, the invalid rules, the reasons they are + invalid and all contents of the rule. + -f, --fail Fail mode, only prints messages about invalid rules. + -w, --warnings This mode will ignore warnings and proceed with other + behaviors if the rule is valid. + -s, --standard This prints the YARA standard to the screen. + -i, --in-place Modifies valid files in place, mutually exclusive with + -c. + -c, --create-files Writes a new file for each valid file, mutually + exclusive with -i. ``` diff --git a/yara_validator_cli.py b/yara_validator_cli.py index a955b5d..3192dc0 100644 --- a/yara_validator_cli.py +++ b/yara_validator_cli.py @@ -25,7 +25,7 @@ # function. parser = argparse.ArgumentParser(description='CCCS YARA script to run the CCCS YARA validator, ' 'use the -i or -c flags to generate the id, fingerprint, version, ' - 'first_imported, or last_modified (if not already present) and add them' + 'first_imported, or last_modified (if not already present) and add them ' 'to the file.') parser.add_argument('paths', nargs='+', type=str, default=[], help='A list of files or folders to be analyzed.')
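Review bot: The space restored on the `'first_imported, ...'` fragment was lost because the description is built from implicitly concatenated adjacent string literals, and it is still built that way, so the next edit to any fragment can run words together in the `-h` output again. Joining the fragments explicitly, e.g. `description=' '.join((...))` with no trailing spaces inside the fragments, removes the hand-managed separators. This text tells users which flags make the tool write to rule files, and this commit had to update the two copies of the help block in README.md by hand, so a comment above the call such as `# keep in sync with the help output quoted in README.md` would help the next maintainer. The parser setup continues outside the hunk.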