OpenSBI Editor Lite

From SpybotWiki
Jump to: navigation, search

OpenSBI Editor Lite, or short SBIEditLite, is a text editor designed specifically for editing OpenSBI malware definition files.

Overview

Usage

Start SBIEditLite by clicking on its item in your start menu or on your desktop, and select Open to open any previously edited file, or type ahead and then Save as under a new name.

Features

  • Code editor - many features you would expect from a code editor, including line numbers, file history and bookmarks.
  • Syntax highlighting - you'll immediately notice if lines are not syntactically correct.
  • Live help - press F1 and you'll get a description of the command, as well as error explanations.
  • Code completion - press Ctrl+Space to see all available commands.
  • Parameter completeion - press Alt+Space to insert a full template for any command.
  • Imports - many ways to import data files to commands that are ready to use.

Limitations

The line-based text structure of OpenSBI cannot yet reproduce the full capabilities of the scanning engine, so some special functions, for example rootkit related stuff, are not available. For the same reason, you will not be able to open the official .sbi files provided by Safer Networking Ltd., as they're available and possible in a more advanced binary format only, which conflicts with the target of the OpenSBI project: to bring you an easy to use tool to write detections for nearly anything you want removed!

License

  • This application was designed for, and is strictly licensed for use by home users and registered corporate customers only.
  • You may not use the software, or the file format documented here and within the software, for commercial purposes. You may not use the software if you are a malware author or distributor. And if you're one of those unfair trade competitors (yes, that includes you, McAfee and Symantec), you're not allowed to download or use it as well.
  • Feel free to share the software, and the detection patterns you create, with anyone who's not on the forbidden list above.
  • In exchange for us providing and maintaining this documentation for you, you grant Safer Networking Ltd. the exclusive right to use detection patterns you create in their software.
  • Feel free to write detection patterns for everything you like, including legit software, as long as you follow the following basic rules:
    • You agree to not publish patterns that are designed solely to harm systems.
    • You agree to not publish detection patterns for legit security software, unless you include, before the download and inside the file, good reasons to do so.
    • You may not mislabel detection patterns for legit software as patterns to remove malicious software.
    • For pattern that detect legit regular software, use the category PUPS.