Compile YARA rules to test against files or strings

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mjdorma from gravatar.com mjdorma

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software Licence)
  • Author: Michael Dorman
Classifiers

Project description

What is yara-ctypes:

  • A powerful python wrapper for yara-project’s libyara v1.6.

  • Supports thread safe matching of YARA rules.

  • namespace management to allow easy loading of multiple YARA rules into a single libyara context.

  • Comes with a scan module which exposes a user CLI and demonstrates a pattern for executing match jobs across a thread pool.

Why:

  • ctypes releases the GIL on system function calls… Run your PC to its true potential.

  • No more building the PyC extension…

  • I found a few bugs and memory leaks and wanted to make my life simple.

As a reference and guide to yara-ctypes see: yara-ctypes documentation

For additional tips / tricks with this wrapper feel free to post a question at the github yara-ctypes/issues page.

Project hosting provided by github.com.

[mjdorma+yara-ctypes@gmail.com]

Install and run

Simply run the following:

> python setup.py install
> python setup.py test
> python -m yara.scan -h

or PyPi:

> pip install yara
> python -m yara.scan -h

Compatability

yara-ctypes is implemented to be compatible with Python 2.6+ and Python 3.x. It has been tested against the following Python implementations:

Ubuntu 12.04:

  • CPython 2.7 (32bit, 64bit)

  • CPython 3.2 (32bit, 64bit)

Ubuntu 11.10 build_status:

  • CPython 2.6 (32bit)

  • CPython 2.7 (32bit)

  • CPython 3.2 (32bit)

  • PyPy 1.9.0 (32bit)

Windows 7:

  • CPython 2.6 (32bit, 64bit)

  • CPython 3.2 (32bit, 64bit)

OS X Mountain Lion

  • CPython 2.7 (64bit)

Continuous integration testing is provided by Travis CI.

Issues

Source code for yara-ctypes is hosted on GitHub. Please file bug reports with GitHub’s issues system.

Change log

version 1.6.2 (28/02/2012)

  • support for OS X Mountain Lion

version 1.6.1 (06/09/2012)

  • Support for 64bit Windows

  • Bug fixes

  • Added documentation

version 1.6.0 (01/09/2012)

  • Initial release

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mjdorma from gravatar.com mjdorma

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache Software Licence)
  • Author: Michael Dorman
Classifiers

Release history Release notifications | RSS feed

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.5

1.6.4

1.6.3

This version

1.6.2

1.6.1

1.6.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

yara-1.6.2.tar.gz (370.3 kB view details)

Uploaded Source

File details

Details for the file yara-1.6.2.tar.gz.

File metadata

  • Download URL: yara-1.6.2.tar.gz
  • Upload date:
  • Size: 370.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for yara-1.6.2.tar.gz
Algorithm Hash digest
SHA256 8d9d09f956db0dae0af83b2b18acb9cca24aeb81acb04957d21cb61e215bfcef
MD5 2ef0b810b8685a666e9ca91a677a4d20
BLAKE2b-256 f67d3b0a8088c7241cf587642211f7a7f902c544c737dfe476755a85237aecc5

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page