def scan(uri):
alerts = list()
matches = URLClassifier.yara_rules.match(data=uri.encode('ascii', 'ignore'))
if not len(matches) > 0:
return alerts
for match in matches['urls']:
alert_reason = ", ".join([" ".join(t.split('_')) for t in match['tags']])
alert_data = "\n".join([s['data'] for s in match['strings']])
alerts.append((alert_reason, alert_data))
log.msg("Yara URL Classification Match: " + alert_reason, level=log.INFO)
return alerts
评论列表
文章目录
