Updated File Event Monitor (markdown)

Namhyeon Go 2024-09-15 17:56:11 +09:00
parent a7ce391fda
commit 73e2a05808

@ -8,7 +8,7 @@ The events that can be handled are as follows:
* Network connections (TCP, UDP)
* Registry modifications
***Note***: Although this feature utilizes tools that are popular among security analysts, it was not designed with security functionality in mind. Its primary purpose is to recommend appropriate software to users based on file formats.
***Note***: While this feature utilizes many tools popular among security analysts, it was not designed with security functionality in mind. It was developed to recommend appropriate software to users based on file types in scenarios where documents are exchanged via email, messenger, etc.
### Implement an event listener
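Review bot: The reworded note says the feature "utilizes many tools popular among security analysts" without naming them, while later sections of this same page cover ClamAV and YARA integration, so a reader cannot tell whether "not designed with security functionality in mind" applies to those sections as well. Suggest naming or linking the tools in the note and stating directly that the monitor is not meant to be relied on as a security control. The closing "via email, messenger, etc." could also stop at the two named channels, since "etc." gives the reader nothing concrete.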
@ -82,9 +82,11 @@ WelsonJS can be utilized in conjunction with [MITRE ATT&CK (attack.mitre.org)](h
Starting from WelsonJS version 0.2.7.37, [ClamAV (www.clamav.net)](https://www.clamav.net/) integration will be supported.
#### YARA signature matching
WelsonJS has a [YARA signature matching (github.com/VirusTotal/yara)](https://github.com/VirusTotal/yara) scenario for file events. The code will be released soon.
#### Packer/Unpacker identification
## Contact me
- abuse@catswords.net
- ActivityPub [@catswords_oss@catswords.social](https://catswords.social/@catswords_oss)
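Review bot: The heading "#### Packer/Unpacker identification" is followed directly by "## Contact me" with no body text, so the section renders empty; add at least a one-line description of what is identified and with which tool, or hold the heading back until there is content. In the YARA section, "The code will be released soon" carries no version or date, unlike the ClamAV line, which names version 0.2.7.37, so it will go stale; suggest tying it to a release number or an issue link.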