yaralyzer 1.0.7__py3-none-any.whl → 1.0.8__py3-none-any.whl

yaralyzer/helpers/bytes_helper.py

@@ -25,15 +25,35 @@ HEX_CHARS_PER_LINE = HEX_CHARS_PER_GROUP * HEX_GROUPS_PER_LINE
 
 
 def get_bytes_before_and_after_match(_bytes: bytes, match: re.Match, num_before=None, num_after=None) -> bytes:
-    """
-    Get all bytes from num_before the start of the sequence up until num_after the end of the sequence
-    num_before and num_after will both default to the env var/CLI options having to do with surrounding
-    bytes. If only num_before is provided then num_after will use it as a default.
+    r"""
+    Get bytes before and after a regex match within a byte sequence.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        match (re.Match): The regex match object.
+        num_before (int, optional): Number of bytes before the match to include. Defaults to config.
+        num_after (int, optional): Number of bytes after the match to include. Defaults to either config or num_before value.
+
+    Returns:
+        bytes: The surrounding bytes including the match.
     """
     return get_bytes_surrounding_range(_bytes, match.start(), match.end(), num_before, num_after)
 
 
 def get_bytes_surrounding_range(_bytes: bytes, start_idx: int, end_idx: int, num_before=None, num_after=None) -> bytes:
+    r"""
+    Get bytes surrounding a specified range in a byte sequence.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        start_idx (int): Start index of the range.
+        end_idx (int): End index of the range.
+        num_before (int, optional): Number of bytes before the range. Defaults to config.
+        num_after (int, optional): Number of bytes after the range. Defaults to config.
+
+    Returns:
+        bytes: The surrounding bytes including the range.
+    """
     num_after = num_after or num_before or YaralyzerConfig.args.surrounding_bytes
     num_before = num_before or YaralyzerConfig.args.surrounding_bytes
     start_idx = max(start_idx - num_before, 0)
@@ -42,7 +62,16 @@ def get_bytes_surrounding_range(_bytes: bytes, start_idx: int, end_idx: int, num
 
 
 def clean_byte_string(bytes_array: bytes) -> str:
-    """Gives you a string representation of bytes w/no cruft e.g. '\x80\nx44' instead of "b'\x80\nx44'"."""
+    r"""
+    Return a clean string representation of bytes, without Python's b'' or b"" wrappers.
+    e.g. '\x80\nx44' instead of "b'\x80\nx44'".
+
+    Args:
+        bytes_array (bytes): The bytes to convert.
+
+    Returns:
+        str: Clean string representation of the bytes.
+    """
     byte_printer = Console(file=StringIO())
     byte_printer.out(bytes_array, end='')
     bytestr = byte_printer.file.getvalue()
@@ -58,7 +87,16 @@ def clean_byte_string(bytes_array: bytes) -> str:
 
 
 def rich_text_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
-    """Print raw bytes to a Text object, highlighing the bytes in the bytes_match BytesMatch"""
+    r"""
+    Return a rich Text object of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match.
+    """
     surrounding_bytes_str = clean_byte_string(_bytes)
     highlighted_bytes_str = clean_byte_string(bytes_match.bytes)
     highlighted_bytes_str_length = len(highlighted_bytes_str)
@@ -72,6 +110,16 @@ def rich_text_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def hex_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
+    r"""
+    Return a hexadecimal view of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match in hex view.
+    """
     hex_str = hex_text(_bytes)
     highlight_start_idx = bytes_match.highlight_start_idx * 3
     highlight_end_idx = bytes_match.highlight_end_idx * 3
@@ -81,6 +129,16 @@ def hex_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def ascii_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
+    r"""
+    Return an ASCII view of raw bytes, highlighting the matched bytes.
+
+    Args:
+        _bytes (bytes): The full byte sequence.
+        bytes_match (BytesMatch): The BytesMatch object indicating which bytes to highlight.
+
+    Returns:
+        Text: Rich Text object with highlighted match in ASCII view.
+    """
     txt = Text('', style=BYTES)
 
     for i, b in enumerate(_bytes):
@@ -113,23 +171,54 @@ def ascii_view_of_raw_bytes(_bytes: bytes, bytes_match: BytesMatch) -> Text:
 
 
 def hex_text(_bytes: bytes) -> Text:
+    r"""
+    Return a rich Text object of the hex string for the given bytes.
+
+    Args:
+        _bytes (bytes): The bytes to convert.
+
+    Returns:
+        Text: Rich Text object of the hex string.
+    """
     return Text(hex_string(_bytes), style=GREY)
 
 
 def hex_string(_bytes: bytes) -> str:
+    r"""
+    Return a hex string representation of the given bytes.
+
+    Args:
+        _bytes (bytes): The bytes to convert.
+
+    Returns:
+        str: Hex string representation of the bytes.
+    """
     return ' '.join([hex(b).removeprefix('0x').rjust(2, '0') for i, b in enumerate(_bytes)])
 
 
 def print_bytes(bytes_array: bytes, style=None) -> None:
-    """Convert bytes to a string representation and print to console"""
+    r"""
+    Print a string representation of bytes to the console.
+
+    Args:
+        bytes_array (bytes): The bytes to print.
+        style (str, optional): Style to use for printing. Defaults to 'bytes'.
+    """
     for line in bytes_array.split(NEWLINE_BYTE):
         console.print(escape(clean_byte_string(line)), style=style or 'bytes')
 
 
 def truncate_for_encoding(_bytes: bytes, encoding: str) -> bytes:
-    """
-    Truncate bytes to the a modulus of the char width of the given encoding.
-    For utf-16 this means truncate to a multiple of 2, for utf-32 to a multiple of 4.
+    r"""
+    Truncate bytes to a multiple of the character width for the given encoding.
+    For example, for utf-16 this means truncating to a multiple of 2, for utf-32 to a multiple of 4.
+
+    Args:
+        _bytes (bytes): The bytes to truncate.
+        encoding (str): The encoding to consider.
+
+    Returns:
+        bytes: Truncated bytes.
     """
     char_width = encoding_width(encoding)
     num_bytes = len(_bytes)
@@ -142,11 +231,19 @@ def truncate_for_encoding(_bytes: bytes, encoding: str) -> bytes:
 
 
 def _find_str_rep_of_bytes(surrounding_bytes_str: str, highlighted_bytes_str: str, highlighted_bytes: BytesMatch):
-    """
-    Find the position of bytes_str in surrounding_byte_str. Both args are raw text dumps of binary data.
-    Because strings are longer than bytes (stuff like '\xcc' are 4 chars when printed are one byte and
-    the ANSI unprintables include stuff like 'NegativeAcknowledgement' which is over 20 chars) they represent
-    so we have to re-find the location to highlight the bytes correctly.
+    r"""
+    Find the position of the highlighted bytes string within the surrounding bytes string.
+
+    Both arguments are string representations of binary data. This is needed because the string
+    representation of bytes can be longer than the actual bytes (e.g., '\\xcc' is 4 chars for 1 byte).
+
+    Args:
+        surrounding_bytes_str (str): String representation of the full byte sequence.
+        highlighted_bytes_str (str): String representation of the matched bytes.
+        highlighted_bytes (BytesMatch): The BytesMatch object for context.
+
+    Returns:
+        int: The index in the surrounding string where the highlighted bytes start, or -1 if not found.
     """
     # Start a few chars in to avoid errors: sometimes we're searching for 1 or 2 bytes and there's a false positive
     # in the extra bytes. Tthis isn't perfect - it's starting us at the first index into the *bytes* that's safe to

yaralyzer/helpers/dict_helper.py

@@ -4,5 +4,5 @@ Help with dicts.
 
 
 def get_dict_key_by_value(_dict: dict, value):
-    """Inverse of the usual dict operation"""
+    """Inverse of the usual dict operation."""
     return list(_dict.keys())[list(_dict.values()).index(value)]

yaralyzer/helpers/file_helper.py

@@ -7,12 +7,12 @@ from typing import List, Optional
 
 
 def timestamp_for_filename() -> str:
-    """Returns a string showing current time in a file name friendly format"""
+    """Returns a string showing current time in a file name friendly format."""
     return datetime.now().strftime("%Y-%m-%dT%H.%M.%S")
 
 
 def files_in_dir(dir: str, with_extname: Optional[str] = None) -> List[str]:
-    """paths for non dot files, optionally ending in 'with_extname'"""
+    """paths for non dot files, optionally ending in 'with_extname'."""
     files = [path.join(dir, path.basename(file)) for file in listdir(dir) if not file.startswith('.')]
     files = [file for file in files if not path.isdir(file)]
 
@@ -27,7 +27,7 @@ def files_with_extname(files: List[str], extname: str) -> List[str]:
 
 
 def load_word_list(file_path):
-    """For very simple files (1 col CSVs, if you wll)"""
+    """For very simple files (1 col CSVs, if you will)."""
     with open(file_path, 'r') as f:
         return [line.rstrip().lstrip() for line in f.readlines()]
 

yaralyzer/helpers/rich_text_helper.py

@@ -1,5 +1,6 @@
 """
 Methods to handle turning various objects into Rich text/table/etc representations
+
 Rich colors: https://rich.readthedocs.io/en/stable/appendix/colors.html
 TODO: interesting colors # row_styles[0] = 'reverse bold on color(144)' <-
 """
@@ -41,12 +42,12 @@ def na_txt(style: Union[str, Style] = 'white'):
 
 
 def prefix_with_style(_str: str, style: str, root_style=None) -> Text:
-    """Sometimes you need a Text() object to start plain lest the underline or whatever last forever"""
+    """Sometimes you need a Text() object to start plain lest the underline or whatever last forever."""
     return Text('', style=root_style or 'white') + Text(_str, style)
 
 
 def meter_style(meter_pct):
-    """For coloring numbers between 0 and 100 (AKA pcts). Closer to 100 means greener, closer to 0.0 means bluer"""
+    """For coloring numbers between 0 and 100 (AKA pcts). Closer to 100 means greener, closer to 0.0 means bluer."""
     if meter_pct > 100 or meter_pct < 0:
         log.warning(f"Invalid meter_pct: {meter_pct}")
 
@@ -81,7 +82,7 @@ def dim_if(txt: Union[str, Text], is_dim: bool, style: Union[str, None] = None):
 
 
 def reverse_color(style: Style) -> Style:
-    """Reverses the color for a given style"""
+    """Reverses the color for a given style."""
     return Style(color=style.bgcolor, bgcolor=style.color, underline=style.underline, bold=style.bold)
 
 
@@ -104,7 +105,7 @@ def show_color_theme(styles: dict) -> None:
 
 
 def size_text(num_bytes: int) -> Text:
-    """Convert a number of bytes into (e.g.) 54,213 bytes (52 KB)"""
+    """Convert a number of bytes into (e.g.) 54,213 bytes (52 KB)."""
     kb_txt = prefix_with_style("{:,.1f}".format(num_bytes / 1024), style='bright_cyan', root_style='white')
     kb_txt.append(' kb ')
     bytes_txt = Text('(', 'white') + size_in_bytes_text(num_bytes) + Text(')')
@@ -116,4 +117,5 @@ def size_in_bytes_text(num_bytes: int) -> Text:
 
 
 def newline_join(texts: List[Text]) -> Text:
+    """Join a list of Text objects with newlines between them."""
     return Text("\n").join(texts)

yaralyzer/helpers/string_helper.py

@@ -17,7 +17,7 @@ def line_count(_string: str) -> int:
 
 
 def hex_to_string(_string: str) -> str:
-    """String '0D 0A 25 25 45 4F 46 0D 0A' becomes '\r\n%%EOF\r\n'"""
+    r"""String '0D 0A 25 25 45 4F 46 0D 0A' becomes '\r\n%%EOF\r\n'"""
     return bytearray.fromhex(_string.replace(' ', '')).decode()
 
 

yaralyzer/output/file_export.py

@@ -1,3 +1,4 @@
+"""Functions to export Yaralyzer results to various file formats."""
 import json
 import time
 from os import path

yaralyzer/output/file_hashes_table.py

@@ -1,5 +1,5 @@
 """
-Methods for building Rich layout elements for display of results.
+Methods for computing and displaying various file hashes.
 """
 import hashlib
 from collections import namedtuple
@@ -18,7 +18,17 @@ def bytes_hashes_table(
     title: Optional[str] = None,
     title_justify: str = LEFT
 ) -> Table:
-    """Build a table to show the MD5, SHA1, SHA256, etc."""
+    """
+    Build a Rich Table displaying the size, MD5, SHA1, and SHA256 hashes of a byte sequence.
+
+    Args:
+        bytes_or_bytes_info (Union[bytes, BytesInfo]): The bytes to hash, or a BytesInfo namedtuple with precomputed values.
+        title (Optional[str], optional): Optional title for the table. Defaults to None.
+        title_justify (str, optional): Justification for the table title. Defaults to LEFT.
+
+    Returns:
+        Table: A Rich Table object with the size and hash values.
+    """
     if isinstance(bytes_or_bytes_info, bytes):
         bytes_info = compute_file_hashes(bytes_or_bytes_info)
     else:
@@ -40,6 +50,15 @@ def bytes_hashes_table(
 
 
 def compute_file_hashes(_bytes: bytes) -> BytesInfo:
+    """
+    Compute the size, MD5, SHA1, and SHA256 hashes for a given byte sequence.
+
+    Args:
+        _bytes (bytes): The bytes to hash.
+
+    Returns:
+        BytesInfo: Namedtuple containing size, md5, sha1, and sha256 values.
+    """
     return BytesInfo(
         size=len(_bytes),
         md5=hashlib.md5(_bytes).hexdigest().upper(),
@@ -49,5 +68,14 @@ def compute_file_hashes(_bytes: bytes) -> BytesInfo:
 
 
 def compute_file_hashes_for_file(file_path) -> BytesInfo:
+    """
+    Compute the size, MD5, SHA1, and SHA256 hashes for the contents of a file.
+
+    Args:
+        file_path (str): Path to the file to hash.
+
+    Returns:
+        BytesInfo: Namedtuple containing size, md5, sha1, and sha256 values for the file contents.
+    """
     with open(file_path, 'rb') as file:
         return compute_file_hashes(file.read())

yaralyzer/output/regex_match_metrics.py

@@ -1,13 +1,4 @@
-"""
-Class to  measure what we enounter as we iterate over every single match of a relatively simple byte level regex
-(e.g. "bytes between quotes") against a relatively large pool of close to random encrypted binary data
-
-Things like how much many of our matched bytes were we able to decode easily vs. by force vs. not at all,
-were some encodings have a higher pct of success than others (indicating part of our mystery data might be encoded
-that way?
-
-TODO: use @dataclass decorator https://realpython.com/python-data-classes/
-"""
+"""RegexMatchMetrics class."""
 from collections import defaultdict
 
 from yaralyzer.decoding.bytes_decoder import BytesDecoder
@@ -15,6 +6,18 @@ from yaralyzer.util.logging import log
 
 
 class RegexMatchMetrics:
+    """
+    Class to  measure what we enounter as we iterate over every single match of a relatively simple byte level regex.
+
+    (e.g. "bytes between quotes") against a relatively large pool of close to random encrypted binary data.
+
+    Things like how much many of our matched bytes were we able to decode easily vs. by force vs. not at all,
+    were some encodings have a higher pct of success than others (indicating part of our mystery data might be encoded
+    that way?
+
+    TODO: use @dataclass decorator https://realpython.com/python-data-classes/
+    """
+
     def __init__(self) -> None:
         self.match_count = 0
         self.bytes_matched = 0

yaralyzer/output/rich_console.py

@@ -81,12 +81,13 @@ YARALYZER_THEME = Theme(YARALYZER_THEME_DICT)
 
 
 def console_width_possibilities():
+    """Returns a list of possible console widths, the first being the current terminal width."""
     # Subtract 2 from terminal cols just as a precaution in case things get weird
     return [get_terminal_size().columns - 2, DEFAULT_CONSOLE_WIDTH]
 
 
 def console_width() -> int:
-    """Current width set in console obj"""
+    """Current width set in console obj."""
     return console._width or 40
 
 
@@ -104,7 +105,7 @@ console = Console(theme=YARALYZER_THEME, color_system='256', highlight=False, wi
 
 
 def console_print_with_fallback(_string, style=None) -> None:
-    """Fallback to regular print() if there's a Markup issue"""
+    """Fallback to regular print() if there's a Markup issue."""
     try:
         console.print(_string, style=style)
     except MarkupError:
@@ -113,10 +114,12 @@ def console_print_with_fallback(_string, style=None) -> None:
 
 
 def theme_colors_with_prefix(prefix: str) -> List[Text]:
+    """Return a list of (name, style) Text objects for all styles in the theme that start with 'prefix'."""
     return [Text(k, v) for k, v in YARALYZER_THEME.styles.items() if k.startswith(prefix)]
 
 
 def print_fatal_error_and_exit(error_message: str) -> None:
+    """Print a fatal error message in a panel and exit."""
     console.line(1)
     print_header_panel(error_message, style='bold red reverse')
     console.line(1)
@@ -124,4 +127,16 @@ def print_fatal_error_and_exit(error_message: str) -> None:
 
 
 def print_header_panel(headline: str, style: str, expand: bool = True, padding: tuple = (0, 2)) -> None:
+    """
+    Print a headline inside a styled Rich Panel to the console.
+
+    Args:
+        headline (str): The text to display as the panel's headline.
+        style (str): The style to apply to the panel (e.g., color, bold, reverse).
+        expand (bool, optional): Whether the panel should expand to the full console width. Defaults to True.
+        padding (tuple, optional): Padding around the panel content (top/bottom, left/right). Defaults to (0, 2).
+
+    Returns:
+        None
+    """
     console.print(Panel(headline, box=box.DOUBLE_EDGE, style=style, expand=expand, padding=padding))

yaralyzer/util/argument_parser.py

@@ -1,3 +1,4 @@
+"""Argument parsing for yaralyzer CLI tool."""
 import logging
 import re
 import sys

yaralyzer/util/logging.py

@@ -37,7 +37,7 @@ ARGPARSE_LOG_FORMAT = '{0: >30}    {1: <17} {2: <}\n'
 
 
 def configure_logger(log_label: str) -> logging.Logger:
-    """Set up a file or stream logger depending on the configuration"""
+    """Set up a file or stream logger depending on the configuration."""
     log_name = f"yaralyzer.{log_label}"
     logger = logging.getLogger(log_name)
 
@@ -71,13 +71,13 @@ if YaralyzerConfig.LOG_DIR:
 
 
 def log_and_print(msg: str, log_level='INFO'):
-    """Both print and log (at INFO level) a string"""
+    """Both print and log (at INFO level) a string."""
     log.log(logging.getLevelName(log_level), msg)
     print(msg)
 
 
 def log_current_config():
-    """Write current state of YaralyzerConfig object to the logs"""
+    """Write current state of YaralyzerConfig object to the logs."""
     msg = f"{YaralyzerConfig.__name__} current attributes:\n"
     config_dict = {k: v for k, v in vars(YaralyzerConfig).items() if not k.startswith('__')}
 
@@ -88,14 +88,14 @@ def log_current_config():
 
 
 def log_invocation() -> None:
-    """Log the command used to launch the yaralyzer to the invocation log"""
+    """Log the command used to launch the yaralyzer to the invocation log."""
     msg = f"THE INVOCATION: '{' '.join(sys.argv)}'"
     log.info(msg)
     invocation_log.info(msg)
 
 
 def log_argparse_result(args, label: str):
-    """Logs the result of argparse"""
+    """Logs the result of argparse."""
     args_dict = vars(args)
     log_msg = f'{label} argparse results:\n' + ARGPARSE_LOG_FORMAT.format('OPTION', 'TYPE', 'VALUE')
 

yaralyzer/yaralyzer.py

@@ -1,13 +1,4 @@
-"""
-Central class that handles setting up / compiling rules and reading binary data from files as needed.
-Alternate constructors are provided depending on whether:
-    1. YARA rules are already compiled
-    2. YARA rules should be compiled from a string
-    3. YARA rules should be read from a file
-    4. YARA rules should be read from a directory of .yara files
-
-The real action happens in the __rich__console__() dunder method.
-"""
+"""Main Yaralyzer class and alternate constructors."""
 from os import path
 from typing import Iterator, List, Optional, Tuple, Union
 
@@ -34,6 +25,22 @@ YARA_FILE_DOES_NOT_EXIST_ERROR_MSG = "is not a valid yara rules file (it doesn't
 
 # TODO: might be worth introducing a Scannable namedtuple or similar
 class Yaralyzer:
+    """
+    Central class that handles setting up / compiling rules and reading binary data from files as needed.
+
+    Alternate constructors are provided depending on whether:
+
+    * YARA rules are already compiled
+
+    * YARA rules should be compiled from a string
+
+    * YARA rules should be read from a file
+
+    * YARA rules should be read from a directory of .yara files
+
+    The real action happens in the __rich__console__() dunder method.
+    """
+
     def __init__(
         self,
         rules: Union[str, yara.Rules],
@@ -43,10 +50,17 @@ class Yaralyzer:
         highlight_style: str = YaralyzerConfig.HIGHLIGHT_STYLE
     ) -> None:
         """
-        If rules is a string it will be compiled by yara
-        If scannable is bytes then scannable_label must be provided.
-        If scannable is a string it is assumed to be a file that bytes should be read from
-        and the scannable_label will be set to the file's basename.
+        Initialize a Yaralyzer instance for scanning binary data with YARA rules.
+
+        Args:
+            rules (Union[str, yara.Rules]): YARA rules to use for scanning. Can be a string (YARA rule source) or a pre-compiled yara.Rules object. If a string is provided, it will be compiled.
+            rules_label (str): Label to identify the ruleset in output and logs.
+            scannable (Union[bytes, str]): The data to scan. If bytes, raw data is scanned; if str, it is treated as a file path to load bytes from.
+            scannable_label (Optional[str], optional): Label for the scannable data. Required if scannable is bytes. If scannable is a file path, defaults to the file's basename.
+            highlight_style (str, optional): Style to use for highlighting matches in output. Defaults to YaralyzerConfig.HIGHLIGHT_STYLE.
+
+        Raises:
+            TypeError: If scannable is bytes and scannable_label is not provided.
         """
         if 'args' not in vars(YaralyzerConfig):
             YaralyzerConfig.set_default_args()
@@ -87,7 +101,7 @@ class Yaralyzer:
         scannable: Union[bytes, str],
         scannable_label: Optional[str] = None
     ) -> 'Yaralyzer':
-        """Alternate constructor loads yara rules from files, labels rules w/filenames"""
+        """Alternate constructor to load yara rules from files and label rules with the filenames."""
         if not isinstance(yara_rules_files, list):
             raise TypeError(f"{yara_rules_files} is not a list")
 
@@ -112,7 +126,7 @@ class Yaralyzer:
         scannable: Union[bytes, str],
         scannable_label: Optional[str] = None
     ) -> 'Yaralyzer':
-        """Alternate constructor that will load all .yara files in yara_rules_dir"""
+        """Alternate constructor that will load all .yara files in yara_rules_dir."""
         if not (isinstance(dirs, list) and all(path.isdir(dir) for dir in dirs)):
             raise TypeError(f"'{dirs}' is not a list of valid directories")
 
@@ -130,7 +144,7 @@ class Yaralyzer:
         pattern_label: Optional[str] = None,
         regex_modifier: Optional[str] = None,
     ) -> 'Yaralyzer':
-        """Constructor taking regex pattern strings. Rules label defaults to patterns joined by comma"""
+        """Constructor taking regex pattern strings. Rules label defaults to patterns joined by comma."""
         rule_strings = []
 
         for i, pattern in enumerate(patterns):
@@ -149,7 +163,7 @@ class Yaralyzer:
         return cls(rules_string, rules_label, scannable, scannable_label)
 
     def yaralyze(self) -> None:
-        """Use YARA to find matches and then force decode them"""
+        """Use YARA to find matches and then force decode them."""
         console.print(self)
 
     def match_iterator(self) -> Iterator[Tuple[BytesMatch, BytesDecoder]]:
@@ -168,6 +182,7 @@ class Yaralyzer:
         self._print_non_matches()
 
     def _yara_callback(self, data: dict):
+        """YARA callback to handle matches and non-matches as they are discovered."""
         if data['matches']:
             self.matches.append(YaraMatch(data, self._panel_text()))
         else:
@@ -176,7 +191,7 @@ class Yaralyzer:
         return yara.CALLBACK_CONTINUE
 
     def _print_non_matches(self) -> None:
-        """Print info about the YARA rules that didn't match the bytes"""
+        """Print info about the YARA rules that didn't match the bytes."""
         if len(self.non_matches) == 0:
             return
 
@@ -193,21 +208,21 @@ class Yaralyzer:
         console.print(Padding(Text(', ', 'white').join(non_matches_text), (0, 0, 1, 4)))
 
     def _panel_text(self) -> Text:
-        """Inverted colors for the panel at the top of the match section of the output"""
+        """Inverted colors for the panel at the top of the match section of the output."""
         styles = [reverse_color(YARALYZER_THEME.styles[f"yara.{s}"]) for s in ('scanned', 'rules')]
         return self.__text__(*styles)
 
     def _filename_string(self):
-        """The string to use when exporting this yaralyzer to SVG/HTML/etc"""
+        """The string to use when exporting this yaralyzer to SVG/HTML/etc."""
         return str(self).replace('>', '').replace('<', '').replace(' ', '_')
 
     def __text__(self, byte_style: str = 'yara.scanned', rule_style: str = 'yara.rules') -> Text:
-        """Text representation of this YARA scan (__text__() was taken)"""
+        """Text representation of this YARA scan (__text__() was taken)."""
         txt = Text('').append(self.scannable_label, style=byte_style or 'yara.scanned')
         return txt.append(' scanned with <').append(self.rules_label, style=rule_style or 'yara.rules').append('>')
 
     def __rich_console__(self, _console: Console, options: ConsoleOptions) -> RenderResult:
-        """Does the stuff. TODO: not the best place to put the core logic"""
+        """Does the stuff. TODO: not the best place to put the core logic."""
         yield bytes_hashes_table(self.bytes, self.scannable_label)
 
         for _bytes_match, bytes_decoder in self.match_iterator():
@@ -215,4 +230,5 @@ class Yaralyzer:
                 yield attempt
 
     def __str__(self) -> str:
+        """Plain text (no rich colors) representation of the scan for display."""
         return self.__text__().plain