added counter

.github/workflows/generate-counter.yml

@@ -0,0 +1,41 @@
+name: generate-svg-counter
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  generate-counter:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          submodules: true
+          token: ${{ secrets.PUSH_TOKEN }}
+
+      - name: Set up Python 3.11
+        uses: actions/[email protected]
+        with:
+            python-version: 3.11
+      - name: Install Poetry
+        run: curl -sSL https://install.python-poetry.org | python -
+      - name: Install dependencies with Poetry
+        run: poetry install
+      - name: Generate shields.io URL
+        run: poetry run python bin/gen_counter.py -f yaml/
+        id: counter
+      - name: Update README
+        run: |
+          echo ${{ steps.counter.outputs.result }}
+          sed -i "s|https://img.shields.io/badge/Drivers-.*-flat.svg|${{ steps.counter.outputs.result }}|" README.md
+        shell: bash
+      - name: update github with new site
+        run: |
+          # configure git to prep for commit
+          git config user.email "[email protected]"
+          git config user.name "publish bot"
+          git config --global push.default simple
+          git add README.md
+          git commit --allow-empty -m "updating drivers count in README.md [ci skip]"
+          git push

README.md

@@ -1,6 +1,6 @@
 # LOLDrivers - Living Off The Land Drivers 🚗💨
 
-![CI build](https://github.com/magicsword-io/LOLDrivers/actions/workflows/validate.yml/badge.svg)
+![CI build](https://github.com/magicsword-io/LOLDrivers/actions/workflows/validate.yml/badge.svg) | ![Drivers](https://img.shields.io/badge/Drivers-1239-flat.svg)
 
 Welcome to LOLDrivers (Living Off The Land Drivers), an exciting open-source project that brings together vulnerable, malicious, and known malicious Windows drivers in one comprehensive repository. Our mission is to empower organizations of all sizes with the knowledge and tools to understand and address driver-related security risks, making their systems safer and more reliable.
 
@@ -44,9 +44,11 @@ If you'd like to contribute, please follow these steps:
 
 For more detailed instructions, please refer to the [CONTRIBUTING.md](CONTRIBUTING.md) file. To create a new YAML file for a driver, use the provided [YML-Template](YML-Template.yml).
 
-## 🚨 Sigma and Sysmon Detection
+## 🚨 Sigma, Yara, ClamAV and Sysmon Detection
 
-LOLDrivers provides comprehensive Sigma and Sysmon detection rules to help you effectively detect potential threats. To explore these rules in detail, navigate to the [sigma](detections/sigma/) and [sysmon](detections/sysmon/) directories under the detection folder.
+![](loldrivers.io/static/images/detections.webp)
+
+LOLDrivers provides comprehensive Sigma, Yara, ClamAV and Sysmon detection rules to help you effectively detect potential threats. To explore these rules in detail, navigate to the [sigma](detections/sigma/), [yara](detections/yara), [av](https://github.com/magicsword-io/LOLDrivers/blob/main/detections/av/LOLDrivers.hdb) and [sysmon](detections/sysmon/) directories under the detection folder.
 
 Happy hunting! 🕵️‍♂️
 

bin/gen-counter.py

@@ -0,0 +1,34 @@
+import os
+import argparse
+import urllib.parse
+import yaml
+
+# Parse command line arguments
+parser = argparse.ArgumentParser(description='Generate an SVG counter for a folder with a list of YAML files.')
+parser.add_argument('-f', '--folder', metavar='FOLDER', type=str, default='yaml/', help='the folder to search for YAML files (default: yaml/)')
+args = parser.parse_args()
+
+# Find YAML files in the specified folder
+sample_count = 0
+for filename in os.listdir(args.folder):
+    if filename.endswith('.yaml'):
+        with open(os.path.join(args.folder, filename), 'r') as f:
+            yaml_data = yaml.safe_load(f)
+            if yaml_data is not None and 'KnownVulnerableSamples' in yaml_data:
+                sample_count += len(yaml_data['KnownVulnerableSamples'])
+
+# Generate the shields.io badge URL
+params = {
+    'label': 'Drivers',
+    'message': str(sample_count),
+    'style': 'flat'
+}
+url = 'https://img.shields.io/badge/{}-{}-{}.svg'.format(
+    urllib.parse.quote_plus(params['label']),
+    urllib.parse.quote_plus(params['message']),
+    urllib.parse.quote_plus(params['style'])
+)
+
+# Save shields URL in Github Output to be used in the next step.
+with open(os.environ['GITHUB_OUTPUT'], 'a') as fh:
+    print(f'result={url}', file=fh)