Python interface for YARA, a powerful malware identification and classification tool
A command-line utility that scans running processes for suspicious patterns using pattern matching rules.
@generates
```python
def scan_process(pid: int, rules_file: str) -> list[str]:
    """
    Scans a process's memory for patterns defined in a rules file.

    Args:
        pid: The process ID to scan
        rules_file: Path to the file containing pattern matching rules

    Returns:
        A list of rule names that matched (empty list if no matches)

    Raises:
        ValueError: If the rules file does not exist
        RuntimeError: If the process does not exist or cannot be accessed
    """
    pass
```

Provides pattern matching and process scanning capabilities.
@satisfied-by
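One way to satisfy the `scan_process` specification above with yara-python, as an added example rather than the tile's or the yara-python project's own code. It uses yara-python's `yara.compile(filepath=...)`, `Rules.match(pid=...)` and `yara.Error`; the `main` wrapper, its exit codes and the rejection of non-positive PIDs are assumptions of this example.

```python
import argparse
import os
import sys


def scan_process(pid: int, rules_file: str) -> list[str]:
    """Scan a live process with the YARA rules in rules_file; return matched rule names."""
    # The spec maps a missing rules file to ValueError.
    if not os.path.isfile(rules_file):
        raise ValueError(f"rules file not found: {rules_file}")
    # Assumption of this example: a non-positive PID counts as "process does not exist".
    if pid <= 0:
        raise RuntimeError(f"invalid process ID: {pid}")
    # Imported here so the argument checks above run even where the
    # yara-python extension is not installed.
    import yara

    # A syntax error in the rules raises yara.SyntaxError, which is left to
    # propagate: the spec defines no mapping for it.
    rules = yara.compile(filepath=rules_file)
    try:
        matches = rules.match(pid=pid)
    except yara.Error as exc:
        # yara-python reports a failure to attach to or read the process
        # (process gone, insufficient privilege) as yara.Error.
        raise RuntimeError(f"cannot scan process {pid}: {exc}") from exc
    return [m.rule for m in matches]


def main(argv=None) -> int:
    """CLI wrapper (assumed layout): exit 0 = no match, 1 = rule matched, 2 = scan failed."""
    parser = argparse.ArgumentParser(description="Scan a process with YARA rules")
    parser.add_argument("pid", type=int)
    parser.add_argument("rules_file")
    args = parser.parse_args(argv)
    try:
        hits = scan_process(args.pid, args.rules_file)
    except (ValueError, RuntimeError) as exc:
        print(f"error: {exc}", file=sys.stderr)
        return 2
    for name in hits:
        print(name)
    return 1 if hits else 0


if __name__ == "__main__":
    sys.exit(main())
```

Reading another process's memory normally requires elevated rights (root or ptrace permission on Linux, for example), so run the scanner with only the privilege it needs and treat exit code 2 as "not scanned", not as "clean".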
Install with Tessl CLI
npx tessl i tessl/pypi-yara-python