yaralyzer 1.0.6__py3-none-any.whl → 1.0.8__py3-none-any.whl

yaralyzer/output/file_hashes_table.py

@@ -1,5 +1,5 @@
 """
-Methods for building Rich layout elements for display of results.
+Methods for computing and displaying various file hashes.
 """
 import hashlib
 from collections import namedtuple
@@ -14,11 +14,21 @@ BytesInfo = namedtuple('BytesInfo', ['size', 'md5', 'sha1', 'sha256'])
 
 
 def bytes_hashes_table(
-        bytes_or_bytes_info: Union[bytes, BytesInfo],
-        title: Optional[str] = None,
-        title_justify: str = LEFT
-    ) -> Table:
-    """Build a table to show the MD5, SHA1, SHA256, etc."""
+    bytes_or_bytes_info: Union[bytes, BytesInfo],
+    title: Optional[str] = None,
+    title_justify: str = LEFT
+) -> Table:
+    """
+    Build a Rich Table displaying the size, MD5, SHA1, and SHA256 hashes of a byte sequence.
+
+    Args:
+        bytes_or_bytes_info (Union[bytes, BytesInfo]): The bytes to hash, or a BytesInfo namedtuple with precomputed values.
+        title (Optional[str], optional): Optional title for the table. Defaults to None.
+        title_justify (str, optional): Justification for the table title. Defaults to LEFT.
+
+    Returns:
+        Table: A Rich Table object with the size and hash values.
+    """
     if isinstance(bytes_or_bytes_info, bytes):
         bytes_info = compute_file_hashes(bytes_or_bytes_info)
     else:
@@ -40,6 +50,15 @@ def bytes_hashes_table(
 
 
 def compute_file_hashes(_bytes: bytes) -> BytesInfo:
+    """
+    Compute the size, MD5, SHA1, and SHA256 hashes for a given byte sequence.
+
+    Args:
+        _bytes (bytes): The bytes to hash.
+
+    Returns:
+        BytesInfo: Namedtuple containing size, md5, sha1, and sha256 values.
+    """
     return BytesInfo(
         size=len(_bytes),
         md5=hashlib.md5(_bytes).hexdigest().upper(),
@@ -49,5 +68,14 @@ def compute_file_hashes(_bytes: bytes) -> BytesInfo:
 
 
 def compute_file_hashes_for_file(file_path) -> BytesInfo:
+    """
+    Compute the size, MD5, SHA1, and SHA256 hashes for the contents of a file.
+
+    Args:
+        file_path (str): Path to the file to hash.
+
+    Returns:
+        BytesInfo: Namedtuple containing size, md5, sha1, and sha256 values for the file contents.
+    """
     with open(file_path, 'rb') as file:
         return compute_file_hashes(file.read())

yaralyzer/output/regex_match_metrics.py

@@ -1,13 +1,4 @@
-"""
-Class to  measure what we enounter as we iterate over every single match of a relatively simple byte level regex
-(e.g. "bytes between quotes") against a relatively large pool of close to random encrypted binary data
-
-Things like how much many of our matched bytes were we able to decode easily vs. by force vs. not at all,
-were some encodings have a higher pct of success than others (indicating part of our mystery data might be encoded
-that way?
-
-TODO: use @dataclass decorator https://realpython.com/python-data-classes/
-"""
+"""RegexMatchMetrics class."""
 from collections import defaultdict
 
 from yaralyzer.decoding.bytes_decoder import BytesDecoder
@@ -15,6 +6,18 @@ from yaralyzer.util.logging import log
 
 
 class RegexMatchMetrics:
+    """
+    Class to  measure what we enounter as we iterate over every single match of a relatively simple byte level regex.
+
+    (e.g. "bytes between quotes") against a relatively large pool of close to random encrypted binary data.
+
+    Things like how much many of our matched bytes were we able to decode easily vs. by force vs. not at all,
+    were some encodings have a higher pct of success than others (indicating part of our mystery data might be encoded
+    that way?
+
+    TODO: use @dataclass decorator https://realpython.com/python-data-classes/
+    """
+
     def __init__(self) -> None:
         self.match_count = 0
         self.bytes_matched = 0

yaralyzer/output/rich_console.py

@@ -81,12 +81,13 @@ YARALYZER_THEME = Theme(YARALYZER_THEME_DICT)
 
 
 def console_width_possibilities():
+    """Returns a list of possible console widths, the first being the current terminal width."""
     # Subtract 2 from terminal cols just as a precaution in case things get weird
     return [get_terminal_size().columns - 2, DEFAULT_CONSOLE_WIDTH]
 
 
 def console_width() -> int:
-    """Current width set in console obj"""
+    """Current width set in console obj."""
     return console._width or 40
 
 
@@ -104,7 +105,7 @@ console = Console(theme=YARALYZER_THEME, color_system='256', highlight=False, wi
 
 
 def console_print_with_fallback(_string, style=None) -> None:
-    """Fallback to regular print() if there's a Markup issue"""
+    """Fallback to regular print() if there's a Markup issue."""
     try:
         console.print(_string, style=style)
     except MarkupError:
@@ -113,15 +114,29 @@ def console_print_with_fallback(_string, style=None) -> None:
 
 
 def theme_colors_with_prefix(prefix: str) -> List[Text]:
+    """Return a list of (name, style) Text objects for all styles in the theme that start with 'prefix'."""
     return [Text(k, v) for k, v in YARALYZER_THEME.styles.items() if k.startswith(prefix)]
 
 
 def print_fatal_error_and_exit(error_message: str) -> None:
+    """Print a fatal error message in a panel and exit."""
     console.line(1)
     print_header_panel(error_message, style='bold red reverse')
     console.line(1)
     exit()
 
 
-def print_header_panel(headline: str, style: str, expand: bool = True, padding: tuple = (0,2)) -> None:
+def print_header_panel(headline: str, style: str, expand: bool = True, padding: tuple = (0, 2)) -> None:
+    """
+    Print a headline inside a styled Rich Panel to the console.
+
+    Args:
+        headline (str): The text to display as the panel's headline.
+        style (str): The style to apply to the panel (e.g., color, bold, reverse).
+        expand (bool, optional): Whether the panel should expand to the full console width. Defaults to True.
+        padding (tuple, optional): Padding around the panel content (top/bottom, left/right). Defaults to (0, 2).
+
+    Returns:
+        None
+    """
     console.print(Panel(headline, box=box.DOUBLE_EDGE, style=style, expand=expand, padding=padding))

yaralyzer/util/argument_parser.py

@@ -1,3 +1,4 @@
+"""Argument parsing for yaralyzer CLI tool."""
 import logging
 import re
 import sys
@@ -78,8 +79,8 @@ source.add_argument('--regex-modifier', '-mod',
 # Fine tuning
 tuning = parser.add_argument_group(
     'FINE TUNING',
-    "Tune various aspects of the analyses and visualizations to your needs. As an example setting " + \
-        "a low --max-decode-length (or suppressing brute force binary decode attempts altogether) can " + \
+    "Tune various aspects of the analyses and visualizations to your needs. As an example setting " +
+        "a low --max-decode-length (or suppressing brute force binary decode attempts altogether) can " +
         "dramatically improve run times and only occasionally leads to a fatal lack of insight.")
 
 tuning.add_argument('--maximize-width', action='store_true',
@@ -119,14 +120,14 @@ tuning.add_argument('--min-chardet-bytes',
                     type=int)
 
 tuning.add_argument('--min-chardet-table-confidence',
-                    help="minimum chardet confidence to display the encoding name/score in the character " + \
+                    help="minimum chardet confidence to display the encoding name/score in the character " +
                          "decection scores table",
                     default=YaralyzerConfig.DEFAULT_MIN_CHARDET_TABLE_CONFIDENCE,
                     metavar='PCT_CONFIDENCE',
                     type=int)
 
 tuning.add_argument('--force-display-threshold',
-                    help="encodings with chardet confidence below this number will neither be displayed nor " + \
+                    help="encodings with chardet confidence below this number will neither be displayed nor " +
                          "decoded in the decodings table",
                     default=EncodingDetector.force_display_threshold,
                     metavar='PCT_CONFIDENCE',
@@ -134,9 +135,9 @@ tuning.add_argument('--force-display-threshold',
                     choices=CONFIDENCE_SCORE_RANGE)
 
 tuning.add_argument('--force-decode-threshold',
-                    help="extremely high (AKA 'above this number') confidence scores from chardet.detect() " + \
-                         "as to the likelihood some bytes were written with a particular encoding will cause " + \
-                         "the yaralyzer to attempt decoding those bytes in that encoding even if it is not a " + \
+                    help="extremely high (AKA 'above this number') confidence scores from chardet.detect() " +
+                         "as to the likelihood some bytes were written with a particular encoding will cause " +
+                         "the yaralyzer to attempt decoding those bytes in that encoding even if it is not a " +
                          "configured encoding",
                     default=EncodingDetector.force_decode_threshold,
                     metavar='PCT_CONFIDENCE',
@@ -159,8 +160,8 @@ tuning.add_argument('--yara-stack-size',
 # Export options
 export = parser.add_argument_group(
     'FILE EXPORT',
-    "Multiselect. Choosing nothing is choosing nothing. Sends what you see on the screen to various file " + \
-        "formats in parallel. Writes files to the current directory if --output-dir is not provided. " + \
+    "Multiselect. Choosing nothing is choosing nothing. Sends what you see on the screen to various file " +
+        "formats in parallel. Writes files to the current directory if --output-dir is not provided. " +
         "Filenames are expansions of the scanned filename though you can use --file-prefix to make your " +
         "filenames more unique and beautiful to their beholder.")
 
@@ -282,7 +283,7 @@ def parse_arguments(args: Optional[Namespace] = None):
 
 def get_export_basepath(args: Namespace, yaralyzer: Yaralyzer):
     file_prefix = (args.file_prefix + '_') if args.file_prefix else ''
-    args.output_basename =  f"{file_prefix}{yaralyzer._filename_string()}"
+    args.output_basename  = f"{file_prefix}{yaralyzer._filename_string()}"  # noqa: E221
     args.output_basename += f"__maxdecode{YaralyzerConfig.args.max_decode_length}"
     args.output_basename += ('_' + args.file_suffix) if args.file_suffix else ''
     return path.join(args.output_dir, args.output_basename + f"__at_{args.invoked_at_str}")

yaralyzer/util/logging.py

@@ -26,7 +26,7 @@ Python log levels for reference:
 """
 import logging
 import sys
-from os import environ, path
+from os import path
 from typing import Union
 
 from rich.logging import RichHandler
@@ -37,7 +37,7 @@ ARGPARSE_LOG_FORMAT = '{0: >30}    {1: <17} {2: <}\n'
 
 
 def configure_logger(log_label: str) -> logging.Logger:
-    """Set up a file or stream logger depending on the configuration"""
+    """Set up a file or stream logger depending on the configuration."""
     log_name = f"yaralyzer.{log_label}"
     logger = logging.getLogger(log_name)
 
@@ -71,13 +71,13 @@ if YaralyzerConfig.LOG_DIR:
 
 
 def log_and_print(msg: str, log_level='INFO'):
-    """Both print and log (at INFO level) a string"""
+    """Both print and log (at INFO level) a string."""
     log.log(logging.getLevelName(log_level), msg)
     print(msg)
 
 
 def log_current_config():
-    """Write current state of YaralyzerConfig object to the logs"""
+    """Write current state of YaralyzerConfig object to the logs."""
     msg = f"{YaralyzerConfig.__name__} current attributes:\n"
     config_dict = {k: v for k, v in vars(YaralyzerConfig).items() if not k.startswith('__')}
 
@@ -88,14 +88,14 @@ def log_current_config():
 
 
 def log_invocation() -> None:
-    """Log the command used to launch the yaralyzer to the invocation log"""
+    """Log the command used to launch the yaralyzer to the invocation log."""
     msg = f"THE INVOCATION: '{' '.join(sys.argv)}'"
     log.info(msg)
     invocation_log.info(msg)
 
 
 def log_argparse_result(args, label: str):
-    """Logs the result of argparse"""
+    """Logs the result of argparse."""
     args_dict = vars(args)
     log_msg = f'{label} argparse results:\n' + ARGPARSE_LOG_FORMAT.format('OPTION', 'TYPE', 'VALUE')
 

yaralyzer/yara/yara_match.py

@@ -97,7 +97,7 @@ def _rich_yara_match(element: Any, depth: int = 0) -> Text:
             list_txt = Text('[', style='white')
 
             if total_length > console_width() or len(element) > 3:
-                join_txt = Text(f"\n{indent}" )
+                join_txt = Text(f"\n{indent}")
                 list_txt.append(join_txt).append(Text(f",{join_txt}").join(elements_txt))
                 list_txt += Text(f'\n{end_indent}]', style='white')
             else:

yaralyzer/yara/yara_rule_builder.py

@@ -4,12 +4,11 @@ Builds bare bones YARA rules to match strings and regex patterns. Example rule s
 rule Just_A_Piano_Man {
     meta:
         author           = "Tim"
-	strings:
-		$hilton_producer = /Scott.*Storch/
-	condition:
-		$hilton_producer
+    strings:
+        $hilton_producer = /Scott.*Storch/
+    condition:
+        $hilton_producer
 }
-
 """
 import re
 from typing import Optional
@@ -60,12 +59,12 @@ rule {rule_name} {{
 
 
 def yara_rule_string(
-        pattern: str,
-        pattern_type: str = REGEX,
-        rule_name: str = YARALYZE,
-        pattern_label: Optional[str] = PATTERN,
-        modifier: Optional[str] = None
-    ) -> str:
+    pattern: str,
+    pattern_type: str = REGEX,
+    rule_name: str = YARALYZE,
+    pattern_label: Optional[str] = PATTERN,
+    modifier: Optional[str] = None
+) -> str:
     """Build a YARA rule string for a given pattern"""
     if not (modifier is None or modifier in YARA_REGEX_MODIFIERS):
         raise TypeError(f"Modifier '{modifier}' is not one of {YARA_REGEX_MODIFIERS}")
@@ -89,12 +88,12 @@ def yara_rule_string(
 
 
 def build_yara_rule(
-        pattern: str,
-        pattern_type: str = REGEX,
-        rule_name: str = YARALYZE,
-        pattern_label: Optional[str] = PATTERN,
-        modifier: Optional[str] = None
-    ) -> yara.Rule:
+    pattern: str,
+    pattern_type: str = REGEX,
+    rule_name: str = YARALYZE,
+    pattern_label: Optional[str] = PATTERN,
+    modifier: Optional[str] = None
+) -> yara.Rule:
     """Build a compiled YARA rule"""
     rule_string = yara_rule_string(pattern, pattern_type, rule_name, pattern_label, modifier)
     return yara.compile(source=rule_string)

yaralyzer/yaralyzer.py

@@ -1,15 +1,5 @@
-"""
-Central class that handles setting up / compiling rules and reading binary data from files as needed.
-Alternate constructors are provided depending on whether:
-    1. YARA rules are already compiled
-    2. YARA rules should be compiled from a string
-    3. YARA rules should be read from a file
-    4. YARA rules should be read from a directory of .yara files
-
-The real action happens in the __rich__console__() dunder method.
-"""
+"""Main Yaralyzer class and alternate constructors."""
 from os import path
-from sys import exit
 from typing import Iterator, List, Optional, Tuple, Union
 
 import yara
@@ -35,19 +25,42 @@ YARA_FILE_DOES_NOT_EXIST_ERROR_MSG = "is not a valid yara rules file (it doesn't
 
 # TODO: might be worth introducing a Scannable namedtuple or similar
 class Yaralyzer:
+    """
+    Central class that handles setting up / compiling rules and reading binary data from files as needed.
+
+    Alternate constructors are provided depending on whether:
+
+    * YARA rules are already compiled
+
+    * YARA rules should be compiled from a string
+
+    * YARA rules should be read from a file
+
+    * YARA rules should be read from a directory of .yara files
+
+    The real action happens in the __rich__console__() dunder method.
+    """
+
     def __init__(
-            self,
-            rules: Union[str, yara.Rules],
-            rules_label: str,
-            scannable: Union[bytes, str],
-            scannable_label: Optional[str] = None,
-            highlight_style: str = YaralyzerConfig.HIGHLIGHT_STYLE
-        ) -> None:
+        self,
+        rules: Union[str, yara.Rules],
+        rules_label: str,
+        scannable: Union[bytes, str],
+        scannable_label: Optional[str] = None,
+        highlight_style: str = YaralyzerConfig.HIGHLIGHT_STYLE
+    ) -> None:
         """
-        If rules is a string it will be compiled by yara
-        If scannable is bytes then scannable_label must be provided.
-        If scannable is a string it is assumed to be a file that bytes should be read from
-        and the scannable_label will be set to the file's basename.
+        Initialize a Yaralyzer instance for scanning binary data with YARA rules.
+
+        Args:
+            rules (Union[str, yara.Rules]): YARA rules to use for scanning. Can be a string (YARA rule source) or a pre-compiled yara.Rules object. If a string is provided, it will be compiled.
+            rules_label (str): Label to identify the ruleset in output and logs.
+            scannable (Union[bytes, str]): The data to scan. If bytes, raw data is scanned; if str, it is treated as a file path to load bytes from.
+            scannable_label (Optional[str], optional): Label for the scannable data. Required if scannable is bytes. If scannable is a file path, defaults to the file's basename.
+            highlight_style (str, optional): Style to use for highlighting matches in output. Defaults to YaralyzerConfig.HIGHLIGHT_STYLE.
+
+        Raises:
+            TypeError: If scannable is bytes and scannable_label is not provided.
         """
         if 'args' not in vars(YaralyzerConfig):
             YaralyzerConfig.set_default_args()
@@ -83,12 +96,12 @@ class Yaralyzer:
 
     @classmethod
     def for_rules_files(
-            cls,
-            yara_rules_files: List[str],
-            scannable: Union[bytes, str],
-            scannable_label: Optional[str] = None
-        ) -> 'Yaralyzer':
-        """Alternate constructor loads yara rules from files, labels rules w/filenames"""
+        cls,
+        yara_rules_files: List[str],
+        scannable: Union[bytes, str],
+        scannable_label: Optional[str] = None
+    ) -> 'Yaralyzer':
+        """Alternate constructor to load yara rules from files and label rules with the filenames."""
         if not isinstance(yara_rules_files, list):
             raise TypeError(f"{yara_rules_files} is not a list")
 
@@ -108,12 +121,12 @@ class Yaralyzer:
 
     @classmethod
     def for_rules_dirs(
-            cls,
-            dirs: List[str],
-            scannable: Union[bytes, str],
-            scannable_label: Optional[str] = None
-        ) -> 'Yaralyzer':
-        """Alternate constructor that will load all .yara files in yara_rules_dir"""
+        cls,
+        dirs: List[str],
+        scannable: Union[bytes, str],
+        scannable_label: Optional[str] = None
+    ) -> 'Yaralyzer':
+        """Alternate constructor that will load all .yara files in yara_rules_dir."""
         if not (isinstance(dirs, list) and all(path.isdir(dir) for dir in dirs)):
             raise TypeError(f"'{dirs}' is not a list of valid directories")
 
@@ -122,16 +135,16 @@ class Yaralyzer:
 
     @classmethod
     def for_patterns(
-            cls,
-            patterns: List[str],
-            patterns_type: str,
-            scannable: Union[bytes, str],
-            scannable_label: Optional[str] = None,
-            rules_label: Optional[str] = None,
-            pattern_label: Optional[str] = None,
-            regex_modifier: Optional[str] = None,
-        ) -> 'Yaralyzer':
-        """Constructor taking regex pattern strings. Rules label defaults to patterns joined by comma"""
+        cls,
+        patterns: List[str],
+        patterns_type: str,
+        scannable: Union[bytes, str],
+        scannable_label: Optional[str] = None,
+        rules_label: Optional[str] = None,
+        pattern_label: Optional[str] = None,
+        regex_modifier: Optional[str] = None,
+    ) -> 'Yaralyzer':
+        """Constructor taking regex pattern strings. Rules label defaults to patterns joined by comma."""
         rule_strings = []
 
         for i, pattern in enumerate(patterns):
@@ -150,7 +163,7 @@ class Yaralyzer:
         return cls(rules_string, rules_label, scannable, scannable_label)
 
     def yaralyze(self) -> None:
-        """Use YARA to find matches and then force decode them"""
+        """Use YARA to find matches and then force decode them."""
         console.print(self)
 
     def match_iterator(self) -> Iterator[Tuple[BytesMatch, BytesDecoder]]:
@@ -169,6 +182,7 @@ class Yaralyzer:
         self._print_non_matches()
 
     def _yara_callback(self, data: dict):
+        """YARA callback to handle matches and non-matches as they are discovered."""
         if data['matches']:
             self.matches.append(YaraMatch(data, self._panel_text()))
         else:
@@ -177,7 +191,7 @@ class Yaralyzer:
         return yara.CALLBACK_CONTINUE
 
     def _print_non_matches(self) -> None:
-        """Print info about the YARA rules that didn't match the bytes"""
+        """Print info about the YARA rules that didn't match the bytes."""
         if len(self.non_matches) == 0:
             return
 
@@ -186,7 +200,7 @@ class Yaralyzer:
         # Only show the non matches if there were valid ones, otherwise just show the number
         if len(self.matches) == 0:
             non_match_desc = f" did not match any of the {len(self.non_matches)} yara rules"
-            console.print(dim_if(self.__text__()  + Text(non_match_desc, style='grey'), True))
+            console.print(dim_if(self.__text__() + Text(non_match_desc, style='grey'), True))
             return
 
         non_match_desc = f" did not match the other {len(self.non_matches)} yara rules"
@@ -194,21 +208,21 @@ class Yaralyzer:
         console.print(Padding(Text(', ', 'white').join(non_matches_text), (0, 0, 1, 4)))
 
     def _panel_text(self) -> Text:
-        """Inverted colors for the panel at the top of the match section of the output"""
+        """Inverted colors for the panel at the top of the match section of the output."""
         styles = [reverse_color(YARALYZER_THEME.styles[f"yara.{s}"]) for s in ('scanned', 'rules')]
         return self.__text__(*styles)
 
     def _filename_string(self):
-        """The string to use when exporting this yaralyzer to SVG/HTML/etc"""
+        """The string to use when exporting this yaralyzer to SVG/HTML/etc."""
         return str(self).replace('>', '').replace('<', '').replace(' ', '_')
 
     def __text__(self, byte_style: str = 'yara.scanned', rule_style: str = 'yara.rules') -> Text:
-        """Text representation of this YARA scan (__text__() was taken)"""
+        """Text representation of this YARA scan (__text__() was taken)."""
         txt = Text('').append(self.scannable_label, style=byte_style or 'yara.scanned')
         return txt.append(' scanned with <').append(self.rules_label, style=rule_style or 'yara.rules').append('>')
 
     def __rich_console__(self, _console: Console, options: ConsoleOptions) -> RenderResult:
-        """Does the stuff. TODO: not the best place to put the core logic"""
+        """Does the stuff. TODO: not the best place to put the core logic."""
         yield bytes_hashes_table(self.bytes, self.scannable_label)
 
         for _bytes_match, bytes_decoder in self.match_iterator():
@@ -216,4 +230,5 @@ class Yaralyzer:
                 yield attempt
 
     def __str__(self) -> str:
+        """Plain text (no rich colors) representation of the scan for display."""
         return self.__text__().plain

{yaralyzer-1.0.6.dist-info → yaralyzer-1.0.8.dist-info}/METADATA

@@ -1,31 +1,33 @@
 Metadata-Version: 2.1
 Name: yaralyzer
-Version: 1.0.6
-Summary: Visualize and force decode YARA and regex matches found in a file or byte stream. With colors. Lots of colors.
+Version: 1.0.8
+Summary: Visualize and force decode YARA and regex matches found in a file or byte stream with colors. Lots of colors.
 Home-page: https://github.com/michelcrypt4d4mus/yaralyzer
 License: GPL-3.0-or-later
-Keywords: ascii art,binary,character encoding,color,cybersecurity,data visualization,decode,DFIR,encoding,infosec,maldoc,malicious,malware,malware analysis,regex,regular expressions,reverse engineering,reversing,security,threat assessment,threat hunting,threat intelligence,threat research,visualization,yara
+Keywords: ascii art,binary,character encoding,color,cybersecurity,data visualization,decode,DFIR,encoding,infosec,maldoc,malicious,malware,malware analysis,regex,regular expressions,reverse engineering,reversing,security,threat assessment,threat hunting,threat intelligence,threat research,threatintel,visualization,yara
 Author: Michel de Cryptadamus
 Author-email: michel@cryptadamus.com
-Requires-Python: >=3.9,<4.0
+Requires-Python: >=3.10,<4.0
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Environment :: Console
 Classifier: Intended Audience :: Information Technology
 Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
 Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
 Classifier: Topic :: Artistic Software
 Classifier: Topic :: Scientific/Engineering :: Visualization
 Classifier: Topic :: Security
 Requires-Dist: chardet (>=5.0.0,<6.0.0)
-Requires-Dist: python-dotenv (>=0.21.0,<0.22.0)
+Requires-Dist: python-dotenv (>=1.1.1,<2.0.0)
 Requires-Dist: rich (>=14.1.0,<15.0.0)
 Requires-Dist: rich-argparse-plus (>=0.3.1,<0.4.0)
 Requires-Dist: yara-python (>=4.5.4,<5.0.0)
-Project-URL: Documentation, https://github.com/michelcrypt4d4mus/yaralyzer
+Project-URL: Changelog, https://github.com/michelcrypt4d4mus/yaralyzer/blob/master/CHANGELOG.md
+Project-URL: Documentation, https://michelcrypt4d4mus.github.io/yaralyzer/
 Project-URL: Repository, https://github.com/michelcrypt4d4mus/yaralyzer
 Description-Content-Type: text/markdown
 
@@ -117,6 +119,9 @@ for bytes_match, bytes_decoder in yaralyzer.match_iterator():
     do_stuff()
 ```
 
+#### API Documentation
+Auto generated documentation for Yaralyzer's various classes and methods can be found [here](https://michelcrypt4d4mus.github.io/yaralyzer/).
+
 # Example Output
 The Yaralyzer can export visualizations to HTML, ANSI colored text, and SVG vector images using the file export functionality that comes with [Rich](https://github.com/Textualize/rich) as well as a (somewhat limited) plain text JSON format. SVGs can be turned into `png` format images with a tool like [Inkscape](https://inkscape.org/) or `cairosvg`. In our experience they both work though we've seen some glitchiness with `cairosvg`.
 

yaralyzer-1.0.8.dist-info/RECORD

@@ -0,0 +1,32 @@
+.yaralyzer.example,sha256=z3_mk41xxm0Pr_8MGM7AKQG0xEFRtGcyJLboMuelRp4,3504
+CHANGELOG.md,sha256=3PiqI0fAHynELKgzQFf0R7iQAEH47tXR6duTWiZ69nQ,3296
+LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+yaralyzer/__init__.py,sha256=gqqIH5jb-rR9UFi-kETJmHlY4L-RGdMFahS2j24TKXU,2795
+yaralyzer/bytes_match.py,sha256=gCpRhHQyudH2Hqxdc5HVKcZ-E499kN-ckScG3i9S_lo,10934
+yaralyzer/config.py,sha256=CNpTnNaJBuDcS4jK-EOekiYtA3FIGa27SPzZn0YVDis,4483
+yaralyzer/decoding/bytes_decoder.py,sha256=vdJrGTYzR842fwY9nVqVu4pIujia3R9skwSTlNCUXaY,9859
+yaralyzer/decoding/decoding_attempt.py,sha256=lO7ihuvkxZZ16Nl5KS6WTb4FfmpbMB-ogGVw6OeUDw8,8564
+yaralyzer/encoding_detection/character_encodings.py,sha256=KklTVt9YpPtMYUp-XjCk32M2te1k1yJW12QpytkyRd4,5465
+yaralyzer/encoding_detection/encoding_assessment.py,sha256=SszGxFXGdoAI35Ba2bjSTLoTg6mhTyVZKd-h3qQVqjo,2505
+yaralyzer/encoding_detection/encoding_detector.py,sha256=f43Db4kFuqBNtKdzwEYlxpX4BXY3yhcINwX10PF3bMw,4991
+yaralyzer/helpers/bytes_helper.py,sha256=JV0xUMEf1HZO7VTts1G5lyJy7aon6OF6RarHyzi8HTA,10155
+yaralyzer/helpers/dict_helper.py,sha256=rhyu-xlpl4yevXdLZUIgVwap0b57O9I3DNAEv8MfTlI,186
+yaralyzer/helpers/file_helper.py,sha256=iieakYcZ4xgoKdy1CbHpYdqmUopwLpcfXdq2V0QVJpo,1258
+yaralyzer/helpers/list_helper.py,sha256=zX6VzJDbnyxuwQpth5Mc7k7yeJytqWPzpo1v5nXCMtE,394
+yaralyzer/helpers/rich_text_helper.py,sha256=b5Pong_mmUlwFYfM91Dvbfsg6GdQG-Lw9fCXSQMAy2I,4266
+yaralyzer/helpers/string_helper.py,sha256=8XsvYlKn-fGhKihfJBOG6mqi5nV_8LM-IWgHzvkRgCc,933
+yaralyzer/output/decoding_attempts_table.py,sha256=x6AViJqAj7ept92OXWl9-PVk8MyBSyYt62mUgJjsP7U,4040
+yaralyzer/output/file_export.py,sha256=5voZi5nujj1YBYo3WinxiPvArrDJrJHC8o1ogPvUPdA,2970
+yaralyzer/output/file_hashes_table.py,sha256=xHk18Xs6Kx6Wf15Y7MUyC5Ndjf-qvzpv8Kd64v2KsVo,2563
+yaralyzer/output/regex_match_metrics.py,sha256=_3G4xhK0os1Ll8oNS9alaJciWRtdUFxu2oGYsNUHLy4,3070
+yaralyzer/output/rich_console.py,sha256=2GHMgFYZrpZ_Q-8AAiAgQXEHqvGSE0L_1BwOZXw_dw0,5009
+yaralyzer/util/argument_parser.py,sha256=XRAS6eraCdrGZRK1ybKppR3Tr7razbg4MnMD2vDq8Po,12971
+yaralyzer/util/logging.py,sha256=BKVDDIy1eh3vdZ4aoYdemukCatxB2kYNuMd0RnYDbT8,4244
+yaralyzer/yara/yara_match.py,sha256=F_1tn1ynbTwzOWSblis02DlVunn-vY3IPX8QjJhukMs,5118
+yaralyzer/yara/yara_rule_builder.py,sha256=P7NPzMMz03V1rDH3PMwb3VAbpBFD-oLNkiCIJAtLa7A,2990
+yaralyzer/yaralyzer.py,sha256=FJsyThTDWhROfQm7FoWpCJ0plfFh5xq5HgikJJ_2t2w,10209
+yaralyzer-1.0.8.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+yaralyzer-1.0.8.dist-info/METADATA,sha256=onnGZCtkMOq5mlgYB8UkB_0woJu8FtN7fR52w8Zyxu0,11107
+yaralyzer-1.0.8.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
+yaralyzer-1.0.8.dist-info/entry_points.txt,sha256=7LnLJrNTfql0vuctjRWwp_ZD-BYvtv9ENVipdjuT7XI,136
+yaralyzer-1.0.8.dist-info/RECORD,,