yaralyzer 1.0.1__py3-none-any.whl → 1.0.3__py3-none-any.whl


Potentially problematic release.


This version of yaralyzer might be problematic. Click here for more details.

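--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,11 @@
 # NEXT RELEASE
 
+### 1.0.3
+* Upgrade `rich` to 14.1.0
+
+### 1.0.2
+* Upgrade `yara-python` to 4.5.4
+
 ### 1.0.1
 * Fix iteration of byte offsets during attempted decodes for UTF-16 and UTF-32 (was starting at second byte instead of first)
 * Label the byte offset for forced UTF-16 and UTF-32 decodes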
@@ -1,8 +1,7 @@
1
1
  import json
2
2
  import time
3
- from argparse import Namespace
4
- from pathlib import Path
5
3
  from os import path
4
+ from typing import Optional
6
5
 
7
6
  from rich.terminal_theme import TerminalTheme
8
7
 
@@ -51,7 +50,7 @@ _EXPORT_KWARGS = {
51
50
  }
52
51
 
53
52
 
54
- def export_json(yaralyzer: Yaralyzer, output_basepath: str | None) -> str:
53
+ def export_json(yaralyzer: Yaralyzer, output_basepath: Optional[str]) -> str:
55
54
  """Export YARA scan results to JSON. Returns the path to the output file that was written."""
56
55
  output_path = f"{output_basepath or 'yara_matches'}.json"
57
56
 
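Review bot: The docstring of `export_json` does not say what happens when `output_basepath` is `None` or empty, although the next line falls back to the literal `'yara_matches'`, so the result is a relative `yara_matches.json` (presumably written to the current working directory; the write itself is outside the hunk). I would extend it to `"""Export YARA scan results to JSON; if output_basepath is None or empty the file is named yara_matches.json. Returns the path written."""`. The move from `str | None` to `Optional[str]` fits the `Requires-Python: >=3.9` declared in the package metadata, since the union syntax in a signature is evaluated at definition time and fails on 3.9, but the changelog entries for 1.0.2 and 1.0.3 do not mention this fix. The function body continues past the end of the hunk.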
@@ -1,10 +1,10 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: yaralyzer
3
- Version: 1.0.1
3
+ Version: 1.0.3
4
4
  Summary: Visualize and force decode YARA and regex matches found in a file or byte stream. With colors. Lots of colors.
5
5
  Home-page: https://github.com/michelcrypt4d4mus/yaralyzer
6
6
  License: GPL-3.0-or-later
7
- Keywords: ascii art,binary,character encoding,color,decode,encoding,malware,malware analysis,regex,regular expressions,reverse engineering,threat assessment,visualization,yara
7
+ Keywords: ascii art,binary,character encoding,color,cybersecurity,data visualization,decode,DFIR,encoding,infosec,maldoc,malicious,malware,malware analysis,regex,regular expressions,reverse engineering,reversing,security,threat assessment,threat hunting,threat intelligence,threat research,visualization,yara
8
8
  Author: Michel de Cryptadamus
9
9
  Author-email: michel@cryptadamus.com
10
10
  Requires-Python: >=3.9,<4.0
@@ -15,11 +15,11 @@ Classifier: Programming Language :: Python :: 3.10
15
15
  Classifier: Programming Language :: Python :: 3.11
16
16
  Classifier: Topic :: Scientific/Engineering :: Visualization
17
17
  Classifier: Topic :: Security
18
- Requires-Dist: chardet (>=5.0.0,<6.0.0)
18
+ Requires-Dist: chardet (>=5.2.0,<6.0.0)
19
19
  Requires-Dist: python-dotenv (>=0.21.0,<0.22.0)
20
- Requires-Dist: rich (>=12.5.1,<13.0.0)
20
+ Requires-Dist: rich (>=14.1.0,<15.0.0)
21
21
  Requires-Dist: rich-argparse-plus (>=0.3.1,<0.4.0)
22
- Requires-Dist: yara-python (>=4.3.0,<5.0.0)
22
+ Requires-Dist: yara-python (>=4.5.4,<5.0.0)
23
23
  Project-URL: Documentation, https://github.com/michelcrypt4d4mus/yaralyzer
24
24
  Project-URL: Repository, https://github.com/michelcrypt4d4mus/yaralyzer
25
25
  Description-Content-Type: text/markdown
@@ -130,10 +130,9 @@ The Yaralyzer can export visualizations to HTML, ANSI colored text, and SVG vect
130
130
  ![](https://github.com/michelcrypt4d4mus/yaralyzer/raw/master/doc/rendered_images/decoding_and_chardet_table_2.png)
131
131
 
132
132
 
133
- # TODO
134
- * For some reason when displaying matches the output to a file iterates over all matches in a different way than just running in the console. Presumably this is related to the `rich` rendering engine in some way. For now the console output is the "more correct" one so it's generally OK. See [`issue_with_output_to_console_correct`](doc/rendered_images/issue_with_output_to_console_correct.png) vs. [`issue_with_output_to_txt_file_incorrect.png`](doc/rendered_images/issue_with_output_to_txt_file_incorrect.png)
135
- * highlight decodes done at `chardet`s behest
136
- * deal with repetitive matches
133
+ # Contributing
134
+ Contributions are more than welcome; see [CONTRIBUTING.md](CONTRIBUTING.md) for details on environment setup, running the test suite, etc. There's also a TODO list over there of work that needs to be done.
135
+
137
136
 
138
137
  [^1]: As I was until recently.
139
138
 
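Review bot: The `chardet` floor moves from `>=5.0.0` to `>=5.2.0` in the Requires-Dist hunk, but the CHANGELOG entries for 1.0.2 and 1.0.3 list only the `yara-python` and `rich` upgrades; a line such as `* Raise minimum chardet to 5.2.0` would let anyone auditing the release account for every dependency change. The `rich` range also goes from `<13.0.0` straight to `>=14.1.0`, so environments that pin `rich` 12.x or 13.x next to this package will no longer resolve, which deserves a changelog note of its own. METADATA is presumably generated by the build backend, so these edits belong in the project's dependency declaration and CHANGELOG.md rather than in this file. Consumers who install by version range rather than by hash should re-lock after this upgrade, since three of the four visible dependency floors changed across two patch releases.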
@@ -1,5 +1,5 @@
1
1
  .yaralyzer.example,sha256=z3_mk41xxm0Pr_8MGM7AKQG0xEFRtGcyJLboMuelRp4,3504
2
- CHANGELOG.md,sha256=5DIUFaaTQpYkCLKYotRBpBZUMILJgP4ECtqla9zKJRY,2539
2
+ CHANGELOG.md,sha256=aRsqAryK_fZLlof0I7f-es6dd6WUvAcfQpoJcvdvR98,2621
3
3
  yaralyzer/__init__.py,sha256=YItEM_QKbLUj-6QZg2ZINrTzPQZ1IHOjGgoxmRR2buA,2703
4
4
  yaralyzer/bytes_match.py,sha256=ShAxI_jZYElG1w-FJ9wNF-5SReL2uv-iJTiQQS3VTM0,8213
5
5
  yaralyzer/config.py,sha256=VU5RTQwbNV3Ai02p4mAjiJrbL30gjjf9xBGl4IOh0Qs,3927
@@ -15,7 +15,7 @@ yaralyzer/helpers/list_helper.py,sha256=r3YUMkkVvl5R5VBzc3rxCzyPW_Nxhj5CRinBCHs9
15
15
  yaralyzer/helpers/rich_text_helper.py,sha256=elkWt2LoV_FnajK-UadEs_gPWSBE7NSsyJHN1eQsmgw,4213
16
16
  yaralyzer/helpers/string_helper.py,sha256=AT2_CAgpvtp8GiUSKLTiDoToDD3tBB9BbrlX-s2bL7o,932
17
17
  yaralyzer/output/decoding_attempts_table.py,sha256=x6AViJqAj7ept92OXWl9-PVk8MyBSyYt62mUgJjsP7U,4040
18
- yaralyzer/output/file_export.py,sha256=YfF5D8aHOUQHwV0akFaaSMafbhdhUakvipadpq6HZmk,2927
18
+ yaralyzer/output/file_export.py,sha256=9GkAg742yA6isQYg0t7isklT5cfDaVtIABNdiTwQ1BY,2902
19
19
  yaralyzer/output/file_hashes_table.py,sha256=SnS2ip8dSeHoycQ0Ng3Gtpv9rXJSkKnvD2krTuhNg7s,1632
20
20
  yaralyzer/output/regex_match_metrics.py,sha256=deJPaVnhpy-AUX6PCE_jbPLIlmfIOtl-cEVWsiFp3KY,3003
21
21
  yaralyzer/output/rich_console.py,sha256=NJi6LjvoOfFXm9Kq9TQbZ3P32C5nQtahccUMEY_Ykpw,4248
@@ -24,8 +24,8 @@ yaralyzer/util/logging.py,sha256=6N-JrQfAbVdCMYvqJ3MUHMchSwFN9208-0giWvX4OYY,424
24
24
  yaralyzer/yara/yara_match.py,sha256=4_26eaJT9I0PULiCdxerQtX4TfAIwcT-B6GJociGM9A,5119
25
25
  yaralyzer/yara/yara_rule_builder.py,sha256=kAa3RBojM5GEaXDJjKZODAyx6yj34AlkOnQhACAFfZM,3021
26
26
  yaralyzer/yaralyzer.py,sha256=f1y8qST6GZHEWl7nDNEBWpQuYjnsJ8dm9nGPWqZ4Hkk,9417
27
- yaralyzer-1.0.1.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
28
- yaralyzer-1.0.1.dist-info/METADATA,sha256=oWGgWkTQelQydVVU4o9rDqaxHayeGOn6c7-EI2DrlpI,10795
29
- yaralyzer-1.0.1.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
30
- yaralyzer-1.0.1.dist-info/entry_points.txt,sha256=7LnLJrNTfql0vuctjRWwp_ZD-BYvtv9ENVipdjuT7XI,136
31
- yaralyzer-1.0.1.dist-info/RECORD,,
27
+ yaralyzer-1.0.3.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
28
+ yaralyzer-1.0.3.dist-info/METADATA,sha256=6g6zqpxrzts0FjKVfpr30cNCdI9bBQGDdmWzu4wz2SU,10554
29
+ yaralyzer-1.0.3.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
30
+ yaralyzer-1.0.3.dist-info/entry_points.txt,sha256=7LnLJrNTfql0vuctjRWwp_ZD-BYvtv9ENVipdjuT7XI,136
31
+ yaralyzer-1.0.3.dist-info/RECORD,,