Crate stalkerware_indicators

source ·
Expand description

Parse a stalkerware-indicators yaml into a list of Rules.

Example

use anyhow::Context;
use std::fs;

fn main() -> anyhow::Result<()> {
    let buf = fs::read("test_data/ioc-2022-12-15.yaml")
        .context("Failed to read ioc yaml file")?;

    let rules = stalkerware_indicators::parse_from_buf(&buf);
    for rule in rules {
        println!("Rule: {:?}", rule);
    }

    Ok(())
}

Modules

errors

Structs

C2Rule
Struct for C2 infos
Rule
A rule entry that lists indicators of compromise for a strain of stalkerware

Functions

parse_from_buf
Load a yaml ioc.yaml from a byte slice
parse_from_file
Load a yaml ioc.yaml from the file system