Remember to unzip the .docx first, or use scan.sh.
Compile the yara rule for scan.sh to work
yarac canarytoken.yar canarytoken
#!/usr/bin/python3 | |
import re | |
import zipfile | |
import argparse | |
from urllib.parse import urlparse | |
from colorama import Fore | |
from colorama import Style | |
from colorama import init |
Remember to unzip the .docx first, or use scan.sh.
Compile the yara rule for scan.sh to work
yarac canarytoken.yar canarytoken