YaraXSharp 0.0.3
There is a newer version of this package available.
See the version list below for details.
See the version list below for details.
dotnet add package YaraXSharp --version 0.0.3
NuGet\Install-Package YaraXSharp -Version 0.0.3
This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.
<PackageReference Include="YaraXSharp" Version="0.0.3" />
For projects that support PackageReference, copy this XML node into the project file to reference the package.
<PackageVersion Include="YaraXSharp" Version="0.0.3" />
<PackageReference Include="YaraXSharp" />
For projects that support Central Package Management (CPM), copy this XML node into the solution Directory.Packages.props file to version the package.
paket add YaraXSharp --version 0.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
#r "nuget: YaraXSharp, 0.0.3"
#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.
#:package YaraXSharp@0.0.3
#:package directive can be used in C# file-based apps starting in .NET 10 preview 4. Copy this into a .cs file before any lines of code to reference the package.
#addin nuget:?package=YaraXSharp&version=0.0.3
#tool nuget:?package=YaraXSharp&version=0.0.3
The NuGet Team does not provide support for this client. Please contact its maintainers for support.
Yara-X Sharp
A simple wrapper for Yara-X around the Yara-X C/C++ API.
You can find the Nuget package here.
Requirements
Bring your own yara_x_capi.dll which you can find here.
Usage
try {
/*
* New Compiler instance.
* You can pass multiple params from YRX_COMPILE_FLAGS.
* E.g. new YaraX(YRX_COMPILE_FLAGS.YRX_ERROR_ON_SLOW_PATTERN)
*/
var yara = new YaraX();
yara.AddRuleFile("./eicar.yar");
var rules = yara.Build(); // Compiled rules to be used in Scanner.
Scanner scanner = new Scanner(rules, YRX_SCANNER_FLAGS.LOAD_METADATA);
scanner.scan("./eicar.txt");
List<Rule> results = scanner.Results();
foreach (Rule rule in results) {
Console.WriteLine(rule.Metadata["malware_family"]);
}
// Make sure to destroy.
scanner.Destroy();
yara.Destroy();
} catch (YrxException ex) {
Console.WriteLine(ex.Message);
}
Reference
To-Dos
Compiler flags- Compiler error and warnings
- Scanner timeout
- Iterate matched rule patterns
and tags - File streaming for scanning large files
Compatibility
| Wrapper Version | Yara-X Release Version |
|---|---|
| 0.0.1, 0.0.2, 0.0.3 | 1.4.0 |
| Product | Versions Compatible and additional computed target framework versions. |
|---|---|
| .NET | net8.0 is compatible. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed. net9.0 was computed. net9.0-android was computed. net9.0-browser was computed. net9.0-ios was computed. net9.0-maccatalyst was computed. net9.0-macos was computed. net9.0-tvos was computed. net9.0-windows was computed. net10.0 was computed. net10.0-android was computed. net10.0-browser was computed. net10.0-ios was computed. net10.0-maccatalyst was computed. net10.0-macos was computed. net10.0-tvos was computed. net10.0-windows was computed. |
Compatible target framework(s)
Included target framework(s) (in package)
Learn more about Target Frameworks and .NET Standard.
-
net8.0
- No dependencies.
NuGet packages
This package is not used by any NuGet packages.
GitHub repositories
This package is not used by any popular GitHub repositories.