
Hugal31 / yara-rust

Licence: Apache-2.0, MIT
Rust bindings for VirusTotal/Yara

yara-rust

Bindings for the Yara library from VirusTotal.

More documentation can be found in Yara's documentation.

Example

The implementation is inspired by yara-python.

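use yara::Compiler;

const RULES: &str = r#"
    rule contains_rust {
      strings:
        $rust = "rust" nocase
      condition:
        $rust
    }
"#;

fn main() {
    let compiler = Compiler::new().unwrap();
    // Assumes the by-value API: add_rules_str consumes the compiler and
    // returns it on success, so the result is rebound.
    let compiler = compiler.add_rules_str(RULES)
        .expect("Should have parsed rule");
    let rules = compiler.compile_rules()
        .expect("Should have compiled rules");
    // Scan an in-memory buffer; the second argument is the timeout in seconds.
    let results = rules.scan_mem("I love Rust!".as_bytes(), 5)
        .expect("Should have scanned");
    assert!(results.iter().any(|r| r.identifier == "contains_rust"));
}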

Features

  • Support from Yara v4.1.
  • Compile rules from strings or files.
  • Save and load compiled rules.
  • Scan byte arrays (&[u8]) or files.

Feature flags and Yara linking.

Look at the yara-sys crate documentation for a list of feature flags and how to link to your Yara crate.

TODO

  • Remove some unwraps on string conversions (currently this crate assumes the rule, meta and namespace identifiers are valid Rust str).
  • Accept AsRef<Path> instead of &str on multiple functions.
  • Implement the scanner API.
  • Add process scanning.
  • Report the warnings to the user.

License

Licensed under either of

  • Apache-2.0 (LICENSE-APACHE)
  • MIT (LICENSE-MIT)

at your option.

Contributing

Please follow the conventional commit rules when committing to this repository.

If you add any new feature, add the corresponding unit/doc tests.
