goyara

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 20, 2023 License: Apache-2.0 Imports: 5 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Load 

func Load(rules []Rule) (*yara.Rules, error)

Load and compile yara rules.

Types

type Rule 

type Rule struct {
	Namespace string
	Filename  string
}

Rule represents a Yara rule.

type Scanner added in v0.5.0 

type Scanner struct {
	// contains filtered or unexported fields
}

func New added in v0.5.0 

func New(rulesPath string) (Scanner, error)

func NewFromRules added in v0.5.0 

func NewFromRules(rules []Rule) (Scanner, error)

func (Scanner) ScanBytes added in v0.5.0 

func (s Scanner) ScanBytes(buff []byte) ([]yara.MatchRule, error)

ScanBytes performs a scan over a byte stream.

func (Scanner) ScanFile added in v0.5.0 

func (s Scanner) ScanFile(filepath string) ([]yara.MatchRule, error)

ScanFile performs a scan over a file path.

func (Scanner) ScanProc added in v0.5.0 

func (s Scanner) ScanProc(pid int) ([]yara.MatchRule, error)

ScanProc performs a process scan.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.