applications/forensics tools

yara - yara - find files matching patterns and rules written in a special-purpose language

License: GPL
Yara scans the given FILE or the process indentified by PID looking if
it matches the patterns and rules provided in a special purpose-lan‐
guage. The rules are read from RULEFILEs or standard input.


yara-3.4.0-2.el5.i686 [678 KiB] Changelog by Lawrence R. Rogers (2015-09-24):
* Release 3.4.0-2
	Added a build requires of openssl-devel
yara-3.4.0-1.el5.i686 [646 KiB] Changelog by Lawrence R. Rogers (2015-06-18):
* Release 3.4.0-1
	Short-circuit evaluation for conditions
	New yr_rules_save_stream/yr_rules_load_stream APIs.
	load() and save() methods in yara-python accept file-like objects
	Improvements to the PE and ELF modules
	Some performance improvements
	New command-line option --print-module-data
	Multiple bug fixes.
yara-3.3.0-1.el5.i686 [626 KiB] Changelog by Lawrence R. Rogers (2015-02-10):
* Release 3.3.0-1
	Added support for negative integers and floating point numbers
	Implemented operators >,<, >=, <= for strings
	Implemented word boundary anchors (\b, \B) in regular expressions
	New features in PE module
	Math module
	New --print-namespace command line argument
	Better error handling in low memory conditions
	BUGFIX: "at" operator not working with certain strings containing wildcards
	BUGFIX: precedence of bitwise operators was incorrect
	BUGFIX: incorrect imphash result for certain PE files importing functions by ordinal
	BUGFIX: handle and memory leaks
	BUGFIX: multiple segfaults
yara-1.6-1.el5.i386 [187 KiB] Changelog by Lawrence R. Rogers (2011-04-08):
* Release 1.6-1
	* added support for bitwise operators
	* added support for multi-line hex strings
	* scan speed improvement for regular expressions (with PCRE)
	* yara-python ported to Python 3.x
	* yara-python support for 64-bits Python under Windows
	* BUGFIX: Buffer overflow in error printing

Listing created by Repoview-0.6.6-1.el6