GitHub - BitsOfBinary/yaraparser: Python 3 tool to parse Yara rules (extension of yarabuilder)
Skip to content
/ yaraparser Public

Python 3 tool to parse Yara rules (extension of yarabuilder)

License

MIT license
8 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

BitsOfBinary/yaraparser

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
tests
tests
 
 
yaraparser
yaraparser
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.rst
README.rst
 
 
setup.py
setup.py
 
 

Repository files navigation

yaraparser

Python 3 tool to parse Yara rules (extension of yarabuilder)

NOTE: this is still in early development (lots of edge cases to work out still)

Installation

yarabuilder requires Python 3+:

python setup.py install

Usage

Via the command line:

$ yaraparser --help
usage: yaraparser [-h] --file FILE

Parse Yara rules into a dictionary or Python object

optional arguments:
  -h, --help   show this help message and exit
  --file FILE  File containing Yara rules to parse

Via Python:

>>> import yaraparser
>>>
>>> rules = yaraparser.ParsedYaraRules()
>>>
>>> with open("test.yar", "r") as infile:
...     raw_rules = infile.read()
...
>>> rules.parse_yara_rules(raw_rules)
>>>
>>> print(rules.get_yara_rules())

About

Python 3 tool to parse Yara rules (extension of yarabuilder)

Topics

python yara yara-rules yara-parser

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages