thatarchguy/gitgrab.sh

## gitgrab.sh
#!/bin/bash

usage()
{
cat << EOF
usage: $0 options
Find yara rules in github repositories
OPTIONS:
    github repo url
ex. gitgrab.sh https://github.com/someguy/reponame.git
EOF
}

INPUT=
SOURCE=


INPUT=$1
if [[ -z $INPUT ]]
then
    usage
    exit 1
fi

SOURCE="$(echo $INPUT | sed 's|https://github.com/||g')"
SOURCE="$(echo $SOURCE | sed 's|/|.|g')"
SOURCE="$(echo $SOURCE | sed 's|.git||g')"

echo "[+] cloning $INPUT"
git clone $INPUT repository

echo "// Rules found at $INPUT" >> $SOURCE.yar
echo " " >> $SOURCE.yar

echo "[+] finding yara rules"
find ./repository -iname "*.yar" -exec cat {} >> $SOURCE.yar \;
find ./repository -iname "*.yara" -exec cat {} >> $SOURCE.yar \;

rm -rf ./repository

echo "Rules found: $(cat $SOURCE.yar | grep "rule" | wc -l)"

echo "[+] done"
	#!/bin/bash

	usage()
	{
	cat << EOF
	usage: $0 options
	Find yara rules in github repositories
	OPTIONS:
	github repo url
	ex. gitgrab.sh https://github.com/someguy/reponame.git
	EOF
	}

	INPUT=
	SOURCE=


	INPUT=$1
	if [[ -z $INPUT ]]
	then
	usage
	exit 1
	fi

	SOURCE="$(echo $INPUT \| sed 's\|https://github.com/\|\|g')"
	SOURCE="$(echo $SOURCE \| sed 's\|/\|.\|g')"
	SOURCE="$(echo $SOURCE \| sed 's\|.git\|\|g')"

	echo "[+] cloning $INPUT"
	git clone $INPUT repository

	echo "// Rules found at $INPUT" >> $SOURCE.yar
	echo " " >> $SOURCE.yar

	echo "[+] finding yara rules"
	find ./repository -iname "*.yar" -exec cat {} >> $SOURCE.yar \;
	find ./repository -iname "*.yara" -exec cat {} >> $SOURCE.yar \;

	rm -rf ./repository

	echo "Rules found: $(cat $SOURCE.yar \| grep "rule" \| wc -l)"

	echo "[+] done"