https://github.com/techplayz32/yayaras
Yet Another YARA Scanner
malware malware-analysis malware-research pyinstaller pyinstxtractor python scanner simple-ioc yara yara-rules yara-scanner
Last synced: 10 days ago
- Host: GitHub
- URL: https://github.com/techplayz32/yayaras
- Owner: techplayz32
- License: gpl-3.0
- Created: 2025-02-23T13:32:40.000Z (8 months ago)
- Default Branch: master
- Last Pushed: 2025-02-26T11:10:12.000Z (8 months ago)
- Last Synced: 2025-06-03T09:18:29.130Z (4 months ago)
- Topics: malware, malware-analysis, malware-research, pyinstaller, pyinstxtractor, python, scanner, simple-ioc, yara, yara-rules, yara-scanner
- Language: Python
- Homepage:
- Size: 50.8 KB
- Stars: 2
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Yet Another YARA Scanner
A scanner for simple indicators and YARA rules that makes the job easier. This project aims to make scanning malware and researching new malware families easier, since there are many new script kiddies around.
## Requirements
I suggest using [UV](https://github.com/astral-sh/uv) to manage the project and add your own changes.
For Python, a version higher than `3.12` is recommended.
To install the dependencies from `requirements.txt`, use `uv pip install -r requirements.txt` or `pip install -r requirements.txt`.
## Usage
Run the script by passing `index.yar` or a specific rule from the `rules` folder, followed by the path of the file to scan (for example `malware.exe`), as arguments.
```bash
yayaras.py rules_path target_path
```
## Dependencies
```pip
argparse>=1.4.0
black>=25.1.0
logging>=0.4.9.6
yara-python>=4.5.1
```
## Supported Malware
See [MALWARE.md](MALWARE.md) for the malware that YAYARAS supports and detects, as well as what is planned for the future.
## License
YAYARAS is open-source software licensed under the **GNU General Public License v3 (GPLv3)**. See the full [LICENSE](LICENSE) file for details.
This project uses code and executables from other open-source projects with their own licenses:
* **YAYARAS, [CAPEv2](https://github.com/kevoreilly/CAPEv2) (project + rules as a whole) and [pyinstxtractor](https://github.com/extremecoders-re/pyinstxtractor) (if used):** GPLv3 - [LICENSE](LICENSE) / [CAPEv2 LICENSE](https://github.com/kevoreilly/CAPEv2/blob/master/LICENSE)
* **[YARA](https://github.com/virustotal/yara):** BSD 3-Clause License - [LICENSE-BSD-3-Clause.txt](LICENSE-BSD-3-Clause.txt)

Before changing code in YAYARAS, you should know that:
* YAYARAS is GPLv3 licensed. You can find the full GPLv3 license in the `LICENSE` file.
* YAYARAS uses YARA, which is licensed under the BSD 3-Clause License. The full BSD 3-Clause license is in `LICENSE-BSD-3-Clause.txt`. **Please ensure you comply with the BSD 3-Clause license when using YARA.**

**For complete licensing terms, please refer to the full license files: [LICENSE](LICENSE) and [LICENSE-BSD-3-Clause.txt](LICENSE-BSD-3-Clause.txt).**