yara-rust
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
yara-rust
Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.
Founder & Fractional CISO
Not sure if yara-rust is right for your team?
Book a 60-minute strategy call with Nikoloz. You will get a clear roadmap to evaluate products and make a decision.
→Align tool selection with your actual business goals
→Right-sized for your stage (not enterprise bloat)
→Not 47 options, exactly 3 that fit your needs
→Stop researching, start deciding
→Questions that reveal if the tool actually works
→Most companies never ask these
→The costs vendors hide in contracts
→How to uncover real Total Cost of Ownerhship before signing
yara-rust Description
Bindings for the Yara library from VirusTotal. More documentation can be found on the Yara's documentation. Example The implementation is inspired from yara-python. const RULES: &str = r#" rule contains_rust { strings: $rust = "rust" nocase condition: $rust } "#; fn main() { let compiler = Compiler::new().unwrap(); let compiler = compiler .add_rules_str(RULES) .expect("Should have parsed rule"); let rules = compiler .compile_rules() .expect("Should have compiled rules"); let results = rules .scan_mem("I love Rust!".as_bytes(), 5) .expect("Should have scanned"); assert!(results.iter().any(|r| r.identifier == "contains_rust")); } Features Support from Yara v4.2. Compile rules from strings or files. Save and load compiled rules. Scan byte arrays (&[u8]) or files. Feature flags and Yara linking. Look at the yara-sys crate documentation for a list of feature flags and how to link to your Yara crate. TODO Remove some unwrap on string conversions (currently this crate assume the rules, meta and namespace identifier are valid Rust's str). Accept AsRef<Path> instead of &str on multiple functions. Implement the scanner API. Add process scanning. Report the warnings to the user. Lic
yara-rust FAQ
Common questions about yara-rust including features, pricing, alternatives, and user reviews.
yara-rust is Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.. It is a Threat Management solution designed to help security teams with Threat Intelligence, Binary Analysis, Virus Total.
FEATURED
Fix-first AppSec powered by agentic remediation, covering SCA, SAST & secrets.
Cybercrime intelligence tools for searching compromised credentials from infostealers
Password manager with end-to-end encryption and identity protection features
Fractional CISO services for B2B companies to build security programs
Stay Updated with Mandos Brief
Get the latest cybersecurity updates in your inbox
TRENDING CATEGORIES
POPULAR
A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.
AI security assurance platform for red-teaming, guardrails & compliance
Real-time OSINT monitoring for leaked credentials, data, and infrastructure
