yaralyzer 1.0.7__py3-none-any.whl → 1.0.8__py3-none-any.whl
Potentially problematic release.
This version of yaralyzer might be problematic. Click here for more details.
- CHANGELOG.md +6 -0
- yaralyzer/__init__.py +5 -0
- yaralyzer/bytes_match.py +109 -18
- yaralyzer/config.py +17 -5
- yaralyzer/decoding/bytes_decoder.py +31 -9
- yaralyzer/decoding/decoding_attempt.py +7 -7
- yaralyzer/encoding_detection/character_encodings.py +2 -1
- yaralyzer/encoding_detection/encoding_assessment.py +8 -2
- yaralyzer/encoding_detection/encoding_detector.py +14 -9
- yaralyzer/helpers/bytes_helper.py +112 -15
- yaralyzer/helpers/dict_helper.py +1 -1
- yaralyzer/helpers/file_helper.py +3 -3
- yaralyzer/helpers/rich_text_helper.py +6 -4
- yaralyzer/helpers/string_helper.py +1 -1
- yaralyzer/output/file_export.py +1 -0
- yaralyzer/output/file_hashes_table.py +30 -2
- yaralyzer/output/regex_match_metrics.py +13 -10
- yaralyzer/output/rich_console.py +17 -2
- yaralyzer/util/argument_parser.py +1 -0
- yaralyzer/util/logging.py +5 -5
- yaralyzer/yaralyzer.py +39 -23
- {yaralyzer-1.0.7.dist-info → yaralyzer-1.0.8.dist-info}/METADATA +8 -6
- yaralyzer-1.0.8.dist-info/RECORD +32 -0
- yaralyzer-1.0.7.dist-info/RECORD +0 -32
- {yaralyzer-1.0.7.dist-info → yaralyzer-1.0.8.dist-info}/LICENSE +0 -0
- {yaralyzer-1.0.7.dist-info → yaralyzer-1.0.8.dist-info}/WHEEL +0 -0
- {yaralyzer-1.0.7.dist-info → yaralyzer-1.0.8.dist-info}/entry_points.txt +0 -0
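--- a/yaralyzer-1.0.7.dist-info/METADATA
+++ b/yaralyzer-1.0.8.dist-info/METADATA
@@ -1,20 +1,19 @@
 Metadata-Version: 2.1
 Name: yaralyzer
-Version: 1.0.
-Summary: Visualize and force decode YARA and regex matches found in a file or byte stream
+Version: 1.0.8
+Summary: Visualize and force decode YARA and regex matches found in a file or byte stream with colors. Lots of colors.
 Home-page: https://github.com/michelcrypt4d4mus/yaralyzer
 License: GPL-3.0-or-later
 Keywords: ascii art,binary,character encoding,color,cybersecurity,data visualization,decode,DFIR,encoding,infosec,maldoc,malicious,malware,malware analysis,regex,regular expressions,reverse engineering,reversing,security,threat assessment,threat hunting,threat intelligence,threat research,threatintel,visualization,yara
 Author: Michel de Cryptadamus
 Author-email: michel@cryptadamus.com
-Requires-Python: >=3.
+Requires-Python: >=3.10,<4.0
 Classifier: Development Status :: 5 - Production/Stable
 Classifier: Environment :: Console
 Classifier: Intended Audience :: Information Technology
 Classifier: License :: OSI Approved :: GNU General Public License v3 or later (GPLv3+)
 Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
@@ -23,12 +22,12 @@ Classifier: Topic :: Artistic Software
 Classifier: Topic :: Scientific/Engineering :: Visualization
 Classifier: Topic :: Security
 Requires-Dist: chardet (>=5.0.0,<6.0.0)
-Requires-Dist: python-dotenv (>=
+Requires-Dist: python-dotenv (>=1.1.1,<2.0.0)
 Requires-Dist: rich (>=14.1.0,<15.0.0)
 Requires-Dist: rich-argparse-plus (>=0.3.1,<0.4.0)
 Requires-Dist: yara-python (>=4.5.4,<5.0.0)
 Project-URL: Changelog, https://github.com/michelcrypt4d4mus/yaralyzer/blob/master/CHANGELOG.md
-Project-URL: Documentation, https://github.
+Project-URL: Documentation, https://michelcrypt4d4mus.github.io/yaralyzer/
 Project-URL: Repository, https://github.com/michelcrypt4d4mus/yaralyzer
 Description-Content-Type: text/markdown
 
@@ -120,6 +119,9 @@ for bytes_match, bytes_decoder in yaralyzer.match_iterator():
 do_stuff()
 ```
 
+#### API Documentation
+Auto generated documentation for Yaralyzer's various classes and methods can be found [here](https://michelcrypt4d4mus.github.io/yaralyzer/).
+
 # Example Output
 The Yaralyzer can export visualizations to HTML, ANSI colored text, and SVG vector images using the file export functionality that comes with [Rich](https://github.com/Textualize/rich) as well as a (somewhat limited) plain text JSON format. SVGs can be turned into `png` format images with a tool like [Inkscape](https://inkscape.org/) or `cairosvg`. In our experience they both work though we've seen some glitchiness with `cairosvg`.
 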
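--- a/yaralyzer-1.0.8.dist-info/RECORD
+++ b/yaralyzer-1.0.8.dist-info/RECORD
@@ -0,0 +1,32 @@
+.yaralyzer.example,sha256=z3_mk41xxm0Pr_8MGM7AKQG0xEFRtGcyJLboMuelRp4,3504
+CHANGELOG.md,sha256=3PiqI0fAHynELKgzQFf0R7iQAEH47tXR6duTWiZ69nQ,3296
+LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+yaralyzer/__init__.py,sha256=gqqIH5jb-rR9UFi-kETJmHlY4L-RGdMFahS2j24TKXU,2795
+yaralyzer/bytes_match.py,sha256=gCpRhHQyudH2Hqxdc5HVKcZ-E499kN-ckScG3i9S_lo,10934
+yaralyzer/config.py,sha256=CNpTnNaJBuDcS4jK-EOekiYtA3FIGa27SPzZn0YVDis,4483
+yaralyzer/decoding/bytes_decoder.py,sha256=vdJrGTYzR842fwY9nVqVu4pIujia3R9skwSTlNCUXaY,9859
+yaralyzer/decoding/decoding_attempt.py,sha256=lO7ihuvkxZZ16Nl5KS6WTb4FfmpbMB-ogGVw6OeUDw8,8564
+yaralyzer/encoding_detection/character_encodings.py,sha256=KklTVt9YpPtMYUp-XjCk32M2te1k1yJW12QpytkyRd4,5465
+yaralyzer/encoding_detection/encoding_assessment.py,sha256=SszGxFXGdoAI35Ba2bjSTLoTg6mhTyVZKd-h3qQVqjo,2505
+yaralyzer/encoding_detection/encoding_detector.py,sha256=f43Db4kFuqBNtKdzwEYlxpX4BXY3yhcINwX10PF3bMw,4991
+yaralyzer/helpers/bytes_helper.py,sha256=JV0xUMEf1HZO7VTts1G5lyJy7aon6OF6RarHyzi8HTA,10155
+yaralyzer/helpers/dict_helper.py,sha256=rhyu-xlpl4yevXdLZUIgVwap0b57O9I3DNAEv8MfTlI,186
+yaralyzer/helpers/file_helper.py,sha256=iieakYcZ4xgoKdy1CbHpYdqmUopwLpcfXdq2V0QVJpo,1258
+yaralyzer/helpers/list_helper.py,sha256=zX6VzJDbnyxuwQpth5Mc7k7yeJytqWPzpo1v5nXCMtE,394
+yaralyzer/helpers/rich_text_helper.py,sha256=b5Pong_mmUlwFYfM91Dvbfsg6GdQG-Lw9fCXSQMAy2I,4266
+yaralyzer/helpers/string_helper.py,sha256=8XsvYlKn-fGhKihfJBOG6mqi5nV_8LM-IWgHzvkRgCc,933
+yaralyzer/output/decoding_attempts_table.py,sha256=x6AViJqAj7ept92OXWl9-PVk8MyBSyYt62mUgJjsP7U,4040
+yaralyzer/output/file_export.py,sha256=5voZi5nujj1YBYo3WinxiPvArrDJrJHC8o1ogPvUPdA,2970
+yaralyzer/output/file_hashes_table.py,sha256=xHk18Xs6Kx6Wf15Y7MUyC5Ndjf-qvzpv8Kd64v2KsVo,2563
+yaralyzer/output/regex_match_metrics.py,sha256=_3G4xhK0os1Ll8oNS9alaJciWRtdUFxu2oGYsNUHLy4,3070
+yaralyzer/output/rich_console.py,sha256=2GHMgFYZrpZ_Q-8AAiAgQXEHqvGSE0L_1BwOZXw_dw0,5009
+yaralyzer/util/argument_parser.py,sha256=XRAS6eraCdrGZRK1ybKppR3Tr7razbg4MnMD2vDq8Po,12971
+yaralyzer/util/logging.py,sha256=BKVDDIy1eh3vdZ4aoYdemukCatxB2kYNuMd0RnYDbT8,4244
+yaralyzer/yara/yara_match.py,sha256=F_1tn1ynbTwzOWSblis02DlVunn-vY3IPX8QjJhukMs,5118
+yaralyzer/yara/yara_rule_builder.py,sha256=P7NPzMMz03V1rDH3PMwb3VAbpBFD-oLNkiCIJAtLa7A,2990
+yaralyzer/yaralyzer.py,sha256=FJsyThTDWhROfQm7FoWpCJ0plfFh5xq5HgikJJ_2t2w,10209
+yaralyzer-1.0.8.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+yaralyzer-1.0.8.dist-info/METADATA,sha256=onnGZCtkMOq5mlgYB8UkB_0woJu8FtN7fR52w8Zyxu0,11107
+yaralyzer-1.0.8.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
+yaralyzer-1.0.8.dist-info/entry_points.txt,sha256=7LnLJrNTfql0vuctjRWwp_ZD-BYvtv9ENVipdjuT7XI,136
+yaralyzer-1.0.8.dist-info/RECORD,,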
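--- a/yaralyzer-1.0.7.dist-info/RECORD
+++ b/yaralyzer-1.0.7.dist-info/RECORD
@@ -1,32 +0,0 @@
-.yaralyzer.example,sha256=z3_mk41xxm0Pr_8MGM7AKQG0xEFRtGcyJLboMuelRp4,3504
-CHANGELOG.md,sha256=UHpQ3BD0GvGKBE6uX9MrUvLyK0qDi_bY7BlElM9JuWk,3001
-LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-yaralyzer/__init__.py,sha256=xR5L4w3HQYiQeRUmhI89G4z0mgGF5tFZ4s5DibVbMiQ,2619
-yaralyzer/bytes_match.py,sha256=HiN5Afnx64ReolQuLJzx827VOZ9Okb7ix2GfZNUEe4U,8091
-yaralyzer/config.py,sha256=zQbDFlTxNrA_ViBJ6ocpGQFaPBCJNWPxgSwNwVspzuE,3942
-yaralyzer/decoding/bytes_decoder.py,sha256=3AT1xvHd2Uh-5lVRAq-iybtw4w-iZtTMeqD-5qVq8zc,8596
-yaralyzer/decoding/decoding_attempt.py,sha256=Wi82uQHsz7-GBvt7i6QbaxgGBIU9o1t-VyqpEmBuQE0,8460
-yaralyzer/encoding_detection/character_encodings.py,sha256=DvsBcUFLLsd5yzv3kGtGMhEME2noELysq-pZMjt17ZU,5463
-yaralyzer/encoding_detection/encoding_assessment.py,sha256=fmA3XlFw3-s7rMgn-E_DTnZk2JDGcw93bGvSkjNI2WM,2350
-yaralyzer/encoding_detection/encoding_detector.py,sha256=xpyWyIpcFzR84Hx_HnlekLQsAjUhP6etwYjZ11myPG0,4683
-yaralyzer/helpers/bytes_helper.py,sha256=MZakPrba_8CRUFx60Z8vwf7tozYX8ZuyCN2FudJYfcY,7440
-yaralyzer/helpers/dict_helper.py,sha256=hp96ZLzKDvacb9iJh1386ciXx-XejSGiPzllB7WhDZw,185
-yaralyzer/helpers/file_helper.py,sha256=uf8dTOhRrJng0V36o7Mwk5t-L5gc4_uOaGj9F0s5OBA,1254
-yaralyzer/helpers/list_helper.py,sha256=zX6VzJDbnyxuwQpth5Mc7k7yeJytqWPzpo1v5nXCMtE,394
-yaralyzer/helpers/rich_text_helper.py,sha256=PYHne9bBVnotb0d7i55TETJjOTshEVU87i0gE0MLOuc,4195
-yaralyzer/helpers/string_helper.py,sha256=AT2_CAgpvtp8GiUSKLTiDoToDD3tBB9BbrlX-s2bL7o,932
-yaralyzer/output/decoding_attempts_table.py,sha256=x6AViJqAj7ept92OXWl9-PVk8MyBSyYt62mUgJjsP7U,4040
-yaralyzer/output/file_export.py,sha256=J7La_7ryg6mMipbeBUYGPFJrkgshn14ERoayCrnFHtc,2901
-yaralyzer/output/file_hashes_table.py,sha256=bM7xl8ucgrNxWVSUXfOLrtei2rDbrL1a8nV-Q2uGtok,1616
-yaralyzer/output/regex_match_metrics.py,sha256=deJPaVnhpy-AUX6PCE_jbPLIlmfIOtl-cEVWsiFp3KY,3003
-yaralyzer/output/rich_console.py,sha256=yME6giQosel8XlEnnHhQGMYishGCRWL9wrpkoyrICjc,4249
-yaralyzer/util/argument_parser.py,sha256=tLLTet7I3LBnvMxJ3epcSIrbKkwjqGzSipO2netZTsw,12924
-yaralyzer/util/logging.py,sha256=tPtAeZQf1VassyHTxgR69Y7t1Y6v6SmDWel2-Og93kA,4239
-yaralyzer/yara/yara_match.py,sha256=F_1tn1ynbTwzOWSblis02DlVunn-vY3IPX8QjJhukMs,5118
-yaralyzer/yara/yara_rule_builder.py,sha256=P7NPzMMz03V1rDH3PMwb3VAbpBFD-oLNkiCIJAtLa7A,2990
-yaralyzer/yaralyzer.py,sha256=3EIiDHHbi_fjWdCmMnDEW8ZGWxL6xPeNxt58oTeZxJw,9291
-yaralyzer-1.0.7.dist-info/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-yaralyzer-1.0.7.dist-info/METADATA,sha256=a3aiyG-MzWHoiJ55dkDSOkC_G4gFCeIHfhpjh2F2zS4,10993
-yaralyzer-1.0.7.dist-info/WHEEL,sha256=d2fvjOD7sXsVzChCqf0Ty0JbHKBaLYwDbGQDwQTnJ50,88
-yaralyzer-1.0.7.dist-info/entry_points.txt,sha256=7LnLJrNTfql0vuctjRWwp_ZD-BYvtv9ENVipdjuT7XI,136
-yaralyzer-1.0.7.dist-info/RECORD,,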
|
File without changes
|
|
File without changes
|
|
File without changes
|