#!/usr/bin/env python
import yara, sys


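class YaraScan:
  """Scan one file against the bundled YARA rule sets and collect rule names.

  NOTE(review): the rule paths in ``rules_files`` are relative, so they are
  resolved against the current working directory rather than the location of
  this script. Run the scanner from the directory that contains ``yara/``;
  otherwise compilation fails or a different ``yara/`` directory is picked up.
  """

  def __init__(self, file_to_scan):
    """Record the target path and load its bytes into memory.

    file_to_scan -- path of the file to scan. It is opened in binary mode and
    read in full, so the whole sample is held in memory until the object is
    released.

    Raises IOError/OSError if the file cannot be opened or read.
    """
    # Maps a YARA namespace to the rule file compiled under that namespace.
    self.rules_files = {
      'Activities': 'yara/capabilities.yara',
      'File type': 'yara/magic.yara',
      'packer': 'yara/packer.yara',
    }
    self.file_to_scan = file_to_scan
    # The context manager closes the handle deterministically, including when
    # read() raises; the bare open(...).read() form left that to the GC.
    with open(file_to_scan, 'rb') as sample:
      self.file_content = sample.read()
    self.results = []

  def scan_file(self):
    """Compile the rule files and record the name of every matching rule.

    Matching is done on the bytes loaded by __init__, not on the path. Rule
    names are appended to ``self.results``, so calling this method twice
    records the same matches twice. Only ``m.rule`` is kept; the namespace
    the rule came from is not stored.
    """
    rules = yara.compile(filepaths=self.rules_files)
    matches = rules.match(data=self.file_content)
    self.results.extend(m.rule for m in matches)

  def format(self):
    """Print a header line followed by one tab-indented rule name per line."""
    # Single-argument print(...) produces identical output on Python 2 and 3.
    print('Yara infos :')
    for rule_name in self.results:
      print('\t%s' % (rule_name))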

if __name__ == '__main__':
  # Only the first command-line argument is used: the path of the file to scan.
  if len(sys.argv) <= 1:
    # No path given: print the usage hint, prefixed with the script name.
    print('%s need file\'s path to scan' % sys.argv[0])
  else:
    scanner = YaraScan(sys.argv[1])
    scanner.scan_file()
    scanner.format()