Documentation
¶
Index ¶
- Variables
- type Compiled
- func (c *Compiled) CompileDir(target ScanTarget, filenameNS bool, dir string) error
- func (c *Compiled) CompileFileOrDir(target ScanTarget, filenameNS bool, path string) error
- func (c *Compiled) CompileFiles(target ScanTarget, filenameNS bool, paths ...string) error
- func (c *Compiled) CompileString(target ScanTarget, rule, namespace string) error
- func (c *Compiled) CompileStrings(target ScanTarget, ruleNs []RuleNamespace) error
- func (c *Compiled) CreateScanner() error
- func (c *Compiled) DefineScannerVariables(sctx variables.ScanContext) error
- func (c *Compiled) Destroy()
- func (c *Compiled) Rules() *yara.Rules
- func (c *Compiled) ScanFile(filename string) error
- func (c *Compiled) ScanFileDescriptor(fd uintptr) error
- func (c *Compiled) ScanProc(pid int) error
- func (c *Compiled) Scanner() *yara.Scanner
- func (c *Compiled) SetCallback(cb yara.ScanCallback) *Compiled
- func (c *Compiled) Variables() *variables.Variables
- type RuleNamespace
- type ScanTarget
Constants ¶
This section is empty.
Variables ¶
View Source
var ErrAlreadyCompiled = errors.New("already compiled")
Functions ¶
This section is empty.
Types ¶
type Compiled ¶
type Compiled struct {
// contains filtered or unexported fields
}
Compiled holds the compiled rules and its associated external variables.
func NewCompiled ¶
func NewCompiled() *Compiled
func (*Compiled) CompileDir ¶
func (c *Compiled) CompileDir(target ScanTarget, filenameNS bool, dir string) error
CompileDir compiles the YARA rules in the given directory and sets namespace of each file by cleaning file name(s).
func (*Compiled) CompileFileOrDir ¶
func (c *Compiled) CompileFileOrDir(target ScanTarget, filenameNS bool, path string) error
CompileRulesFileOrDir compiles the YARA rules in the given directory or single file, and sets namespace of each file by cleaning file name(s).
func (*Compiled) CompileFiles ¶
func (c *Compiled) CompileFiles(target ScanTarget, filenameNS bool, paths ...string) error
CompileFiles compiles the YARA rules in the given file paths, sets namespace of each file by cleaning file name(s).
func (*Compiled) CompileString ¶
func (c *Compiled) CompileString(target ScanTarget, rule, namespace string) error
CompileString compiles the YARA rules.
func (*Compiled) CompileStrings ¶ added in v1.3.0
func (c *Compiled) CompileStrings(target ScanTarget, ruleNs []RuleNamespace) error
CompileStrings compiles the YARA rules.
func (*Compiled) CreateScanner ¶
func (*Compiled) DefineScannerVariables ¶
func (c *Compiled) DefineScannerVariables(sctx variables.ScanContext) error
func (*Compiled) ScanFileDescriptor ¶
func (*Compiled) SetCallback ¶
type RuleNamespace ¶ added in v1.3.0
RuleNamespace represents a rule and its namespace.
type ScanTarget ¶
type ScanTarget byte
ScanTarget represents a target for yara scan.
const ( ScanFile ScanTarget = iota ScanProcess )
Scan targets are file system and process memory.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.