Compile YARA rules to test against files or strings

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mjdorma from gravatar.com mjdorma

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software Licence)
  • Author: Michael Dorman
Classifiers

Project description

What is yara-ctypes:

  • A powerful python wrapper for yara-project’s libyara v1.6.

  • Supports thread safe matching of YARA rules.

  • namespace management to allow easy loading of multiple YARA rules into a single libyara context.

  • Comes with a scan module which exposes a user CLI and demonstrates a pattern for executing match jobs across a thread pool.

Why:

  • ctypes releases the GIL on system function calls… Run your PC to its true potential.

  • No more building the PyC extension…

  • I found a few bugs and memory leaks and wanted to make my life simple.

As a reference and guide to yara-ctypes see: yara-ctypes documentation

For additional tips / tricks with this wrapper feel free to post a question at the github yara-ctypes/issues page.

Project hosting provided by github.com.

[mjdorma+yara-ctypes@gmail.com]

Install and run

Simply run the following:

> python setup.py install
> python setup.py test
> python -m yara.scan -h

or PyPi:

> pip install yara
> python -m yara.scan -h

Compatability

yara-ctypes is implemented to be compatible with Python 2.6+ and Python 3.x. It has been tested against the following Python implementations:

Ubuntu 12.04:

  • CPython 2.7 (32bit, 64bit)

  • CPython 3.2 (32bit, 64bit)

Ubuntu 11.10 build_status:

  • CPython 2.6 (32bit)

  • CPython 2.7 (32bit)

  • CPython 3.2 (32bit)

  • PyPy 1.9.0 (32bit)

Windows 7:

  • CPython 2.6 (32bit, 64bit)

  • CPython 3.2 (32bit, 64bit)

Continuous integration testing is provided by Travis CI.

Issues

Source code for yara-ctypes is hosted on GitHub. Please file bug reports with GitHub’s issues system.

Change log

version 1.6.0 (01/09/2012)

  • Initial release

version 1.6.1 (06/09/2012)

  • Support for 64bit Windows

  • Bug fixes

  • Added documentation

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mjdorma from gravatar.com mjdorma

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software Licence)
  • Author: Michael Dorman
Classifiers

Release history Release notifications | RSS feed

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.5

1.6.4

1.6.3

1.6.2

This version

1.6.1

1.6.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

yara-1.6.1.zip (340.9 kB view details)

Uploaded Source

File details

Details for the file yara-1.6.1.zip.

File metadata

  • Download URL: yara-1.6.1.zip
  • Upload date:
  • Size: 340.9 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for yara-1.6.1.zip
Algorithm Hash digest
SHA256 05702e6a876a47c125aec3773129150c9d9abe5a5b33ed597f5d084a62954894
MD5 55dd51abcdf815727600516289940632
BLAKE2b-256 d73ff92a338839ba628265ac0c5e4df6ebdd04ea3c53c2f2125af59b1041b0f9

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page