## YARA GUI for Windows

## Features

- Drag and drop targets
- Directory scanning
- Compiled rule cache
- Favorite/recent rule menu
- View strings and meta information
- Entropy and data visualization
- Command line startup scanning

## Download

YARA GUI 0.5 for Windows (32-bit) (YaraGui05.zip)

## Changes in Version 0.5

- Update to libyara 3.6.1
- Fix Windows path separators

See revision.

Completely identical) instead of finding exact matches. YARA is a tool that specializes in this type of matching and has become a standard across the malware analysis community. YARA is a very popular open-source and multi-platform tool (it works with most hosts running Windows, Linux, or Mac operating systems) that provides a mechanism to exploit.

Compiled binaries for Windows in both 32-bit and 64-bit flavors can be found in the link below. Just download the version you want, unzip the archive, and put the yara.exe and yarac.exe binaries anywhere on your disk. To install the yara-python extension, download and execute the installer.

## Installing YARA

Official Windows binaries can be found here. Unfortunately, as of the time of this writing, practically every Linux distribution’s repository contains an out-of-date version of YARA that has one or more security vulnerabilities. Follow the instructions below to compile and install the latest release with all features enabled.
Compile YARA rules to test against files or strings
Project description
What’s in yara-ctypes:
- A ctypes libyara wrapper module which exposes libyara’s exports into the Python runtime (see: yara-project’s libyara v1.7).
- A thread safe Rules object with an interface that is compatible with the interface exposed in the yara-project CPython extension module.
- Namespace management to allow easy loading of multiple YARA rules into a single Rules matching object.
- Various Scanner class types to enable thread or process pool execution of matching requests over a Rules object.
- A feature rich command line interface that gives the user many options to control how they may wish to perform a scan.
Why:
- ctypes releases the GIL on system function calls… Run your PC to its true potential.
- It simplifies things a lot by keeping high order logic such as managing rules paths, filtering paths, controlling pooled execution, etc. inside of a language such as Python.
- No more building the PyC extension…
- I found a few bugs and memory leaks and wanted to make my life simple.
As a reference and guide to yara-ctypes see: yara-ctypes documentation
For additional tips / tricks with this wrapper feel free to post a question at the github yara-ctypes/issues page.
Project hosting provided by github.com.
[mjdorma+yara-ctypes@gmail.com]
Install and run
Simply run the following:
or PyPi:
Note
If the package does not contain a pre-compiled libyara library for your platform you will need to build and install it. See notes on building.
Compatibility
yara-ctypes is implemented to be compatible with Python 2.6+ and Python 3.x. It has been tested against the following Python implementations:
Ubuntu 12.04:
- CPython 2.7 (32bit, 64bit)
- CPython 3.2 (32bit, 64bit)
Ubuntu 11.10:
- CPython 2.6 (32bit)
- CPython 2.7 (32bit)
- CPython 3.2 (32bit)
- CPython 3.3 (32bit)
Windows 7:
- CPython 2.6 (32bit, 64bit)
- CPython 3.2 (32bit, 64bit)
OS X Mountain Lion:
- CPython 2.7 (64bit)
Continuous integration testing is provided by Travis CI.
Issues
Source code for yara-ctypes is hosted on GitHub. Please file bug reports with GitHub’s issues system.
Change log
version 1.7.7 (27/05/2014)
- str conversion fix (contribution by David Cannings @olliencc)
version 1.7.6 (26/10/2013)
- now using setuptools for distribution
version 1.7.5 (13/09/2013)
- added CLI status thread
- improved process and thread completion code
version 1.7.4 (12/09/2013)
- added yar preprocessor
- fixed asynchronous counter bug
- solved the unyielded results issue
version 1.7.3 (28/04/2013)
- scan using a process pool or thread pool
- bug fixes and more testing
version 1.7.2 (19/04/2013)
- cli improvements
- bug fixes
version 1.7.1 (17/04/2013)
- StdinScanner
- overlap control for stream chunk enqueueing
version 1.7.0 (15/04/2013)
- ships with builds of libyara-1.7
- compatibility issues solved with yara-1.7’s interface changes
- major change up and improvement to the scan command line interface.
- a lot more testing
version 1.6.5 (12/04/2013)
- more tech in scan
- improved test
- bug fixes
version 1.6.4 (11/04/2013)
- supports py3.3
- additional test
- improved scan interface
- bug fixes
version 1.6.3 (08/03/2013)
- bug fix to yara.py (callback callable check)
version 1.6.2 (28/02/2013)
- support for OS X Mountain Lion
version 1.6.1 (06/09/2012)
- Support for 64bit Windows
- Bug fixes
- Added documentation
version 1.6.0 (01/09/2012)
- Initial release
Download files
Filename, size | File type | Python version |
---|---|---|
yara-1.7.7.tar.gz (387.2 kB) | Source | None |

Hashes for yara-1.7.7.tar.gz

Algorithm | Hash digest |
---|---|
SHA256 | 3ee9cf577d3360c785973fcf62f762df21e1dcf05fa497740bc16ae23c1ea2e9 |
MD5 | 87f615af427bab78adf26c74099b8690 |
BLAKE2-256 | 3c43900e38a17c5035273a88652e1234a384fcf4bc0b557f762944a36144bb2f |