{"id":13546128,"url":"https://github.com/Hugal31/yara-rust","last_synced_at":"2025-04-02T17:32:41.444Z","repository":{"id":32495052,"uuid":"133056840","full_name":"Hugal31/yara-rust","owner":"Hugal31","description":"Rust bindings for VirusTotal/Yara","archived":false,"fork":false,"pushed_at":"2025-02-24T08:37:06.000Z","size":710,"stargazers_count":75,"open_issues_count":12,"forks_count":29,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-02-24T09:32:35.318Z","etag":null,"topics":["pattern-matching","rust","rust-bindings","yara"],"latest_commit_sha":null,"homepage":null,"language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Hugal31.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE-APACHE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-05-11T15:27:08.000Z","updated_at":"2025-02-24T08:37:11.000Z","dependencies_parsed_at":"2024-02-06T09:29:39.560Z","dependency_job_id":"a991cb31-d2ca-466b-a43a-0dcdb0873b68","html_url":"https://github.com/Hugal31/yara-rust","commit_stats":{"total_commits":283,"total_committers":18,"mean_commits":"15.722222222222221","dds":0.6289752650176679,"last_synced_commit":"ec62ae94a296761351e408027ff82a75972f79c7"},"previous_names":[],"tags_count":42,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hugal31%2Fyara-rust","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hugal31%2Fyara-rust/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hugal31%2Fyara-rust/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Hugal31%2Fyara-rust/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Hugal31","download_url":"https://codeload.github.com/Hugal31/yara-rust/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246860298,"owners_count":20845638,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["pattern-matching","rust","rust-bindings","yara"],"created_at":"2024-08-01T12:00:32.256Z","updated_at":"2025-04-02T17:32:40.907Z","avatar_url":"https://github.com/Hugal31.png","language":"Rust","funding_links":[],"categories":["Threat Detection and Forensics","Tools","Malware Analysis"],"sub_categories":["Packing, Obfuscation, Encryption, Anti-analysis"],"readme":"# yara-rust\n\n[![Tests Status](https://github.com/Hugal31/yara-rust/actions/workflows/tests.yml/badge.svg)](https://github.com/Hugal31/yara-rust/actions/workflows/tests.yml)\n[![Crates.io](https://img.shields.io/crates/v/yara.svg)](https://crates.io/crates/yara)\n[![Documentation](https://docs.rs/yara/badge.svg)](https://docs.rs/yara)\n\nBindings for the [Yara library from VirusTotal](https://github.com/VirusTotal/yara).\n\nMore documentation can be found on [the Yara's documentation](https://yara.readthedocs.io/en/stable/index.html).\n\n## Example\n\nThe implementation is inspired from [yara-python](https://github.com/VirusTotal/yara-python).\n\n```rust\nconst RULES: \u0026str = r#\"\n    rule contains_rust {\n      strings:\n        $rust = \"rust\" nocase\n      condition:\n        $rust\n    }\n\"#;\n\nfn main() {\n    let compiler = Compiler::new().unwrap();\n    let compiler = compiler\n        .add_rules_str(RULES)\n        .expect(\"Should have parsed rule\");\n    let rules = compiler\n        .compile_rules()\n        .expect(\"Should have compiled rules\");\n    let results = rules\n        .scan_mem(\"I love Rust!\".as_bytes(), 5)\n        .expect(\"Should have scanned\");\n    assert!(results.iter().any(|r| r.identifier == \"contains_rust\"));\n}\n```\n\n## Features\n\n* Support from Yara v4.2.\n* Compile rules from strings or files.\n* Save and load compiled rules.\n* Scan byte arrays (`\u0026[u8]`) or files.\n\n## Feature flags and Yara linking.\n\nLook at the [yara-sys](yara-sys) crate documentation for a list of feature flags\nand how to link to your Yara crate.\n\n### TODO\n\n- [ ] Remove some `unwrap` on string conversions (currently this crate assume the rules, meta and namespace identifier are valid Rust's `str`).\n- [ ] Accept `AsRef\u003cPath\u003e` instead of `\u0026str` on multiple functions.\n- [x] Implement the scanner API.\n- [x] Add process scanning.\n- [x] Report the warnings to the user.\n\n## License\n\nLicensed under either of\n\n * Apache License, Version 2.0, ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)\n * MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)\n\nat your option.\n\n## Contributing\n\nPlease follow the [conventional commit][Conventional commit] rules when\ncommitting to this repository.\n\nIf you add any new feature, add the corresponding unit/doc tests.\n\n[Conventional commit]: https://www.conventionalcommits.org/en/v1.0.0/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHugal31%2Fyara-rust","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FHugal31%2Fyara-rust","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FHugal31%2Fyara-rust/lists"}