tessl/pypi-yara-python
Python interface for YARA, a powerful malware identification and classification tool
Overall
score
85%
Evaluation — 85%
↓ 0.94xAgent success when using this tile
task.mdevals/scenario-3/
Malware Rule Scanner
A utility that loads malware detection rules from a file and scans target data to identify matches.
Capabilities
Rule Loading
- It loads rules from a YARA rule file @test
- It raises an error when the rule file does not exist @test
- It raises an error when the rule file has syntax errors @test
Data Scanning
- It scans binary data and returns matching rule names @test
- It scans data with multiple rules and returns all matches @test
- It returns an empty list when no rules match @test
Implementation
@generates
API
def load_rules(filepath: str):
"""
Load YARA rules from a file.
Args:
filepath: Path to the YARA rules file
Returns:
A compiled rules object
Raises:
FileNotFoundError: If the rule file does not exist
SyntaxError: If the rule file contains invalid syntax
"""
pass
def scan_data(rules, data: bytes) -> list[str]:
"""
Scan binary data using compiled rules.
Args:
rules: Compiled rules object returned by load_rules()
data: Binary data to scan
Returns:
List of rule names that matched (empty list if no matches)
"""
passDependencies { .dependencies }
yara-python { .dependency }
Provides YARA pattern matching capabilities for malware detection.
Install with Tessl CLI
npx tessl i tessl/pypi-yara-pythonevals
scenario-1
scenario-2
scenario-3
scenario-4
scenario-5
scenario-6
scenario-7
scenario-8
scenario-9
scenario-10