API Overview

Modules

• bytes_match: BytesMatch class for tracking regex and YARA matches against binary data.
• config: Configuration management for Yaralyzer.
• yaralyzer: Main Yaralyzer class and alternate constructors.
• bytes_decoder: BytesDecoder class for attempting to decode bytes with various encodings.
• decoding_attempt: Class to manage attempting to decode a chunk of bytes into strings with a given encoding.
• character_encodings: Constants related to character encodings.
• encoding_assessment: Helps with chardet library.
• encoding_detector: EncodingDetector class for managing chardet encoding detection.
• console: Holds the rich.Console instance that controls the stdout printing and file export.
• decoding_attempts_table: Methods to build the rich.table used to display decoding attempts of a given bytes array.
• decoding_table_row
• file_export: Functions to export Yaralyzer results to various file formats.
• file_hashes_table: Methods for computing and displaying various file hashes.
• regex_match_metrics: RegexMatchMetrics class.
• theme: Color theme stuff. Rich color names
• argument_parser: Argument parsing for yaralyze command line tool (also used by the pdfalyzer).
• classproperty
• cli_option_validators: Validators for command line arguments.
• constants
• exceptions
• logging: Logs are not normally ephemeral/not written to files but can be configured to do so by setting
• timeout
• error: Handling of internal YARA errors.
• yara_match: Rich text decorator for YARA match dicts.
• yara_rule_builder: Builds bare bones YARA rules to match strings and regex patterns.

Classes

• bytes_match.BytesMatch: Simple class to keep track of regex matches against binary data.
• config.YaralyzerConfig: Handles parsing of command line args and environment variables for Yaralyzer.
• yaralyzer.Yaralyzer: Central class that handles setting up / compiling YARA rules and reading binary data from files as needed.
• bytes_decoder.BytesDecoder: Handles decoding a chunk of bytes into strings using various possible encodings, ranking and displaying results.
• decoding_attempt.DecodingAttempt: Manages the process of attempting to decode a chunk of bytes into a string using a specified encoding.
• encoding_assessment.EncodingAssessment: Class to smooth some of the rough edges around the dicts returned by chardet.detect_all().
• encoding_detector.EncodingDetector: Manager class to ease dealing with the encoding detection library chardet.
• decoding_table_row.DecodingTableRow: Simple dataclass to hold a single row of a table of decoding attempts.
• file_hashes_table.BytesInfo: Compute the size, MD5, SHA1, and SHA256 hashes for some bytes.
• regex_match_metrics.RegexMatchMetrics: Class to measure what we enounter as we iterate over all matches of a relatively simple byte level regex.
• classproperty.classproperty: Decorator that mimics chaining @classmethod and @property for a getter. From:
• cli_option_validators.DirValidator: DirValidator(allow_create: bool = False)
• cli_option_validators.OptionValidator: Base class for CLI options validators that needs to be in its own file because of circular
• cli_option_validators.PathValidator
• cli_option_validators.PatternsLabelValidator
• cli_option_validators.YaraRegexValidator
• logging.BufferingFormatter: A formatter suitable for formatting a number of records.
• logging.FileHandler: A handler class which writes formatted logging records to disk files.
• logging.Filter: Filter instances are used to perform arbitrary filtering of LogRecords.
• logging.Filterer: A base class for loggers and handlers which allows them to share
• logging.Formatter: Formatter instances are used to convert a LogRecord to text.
• logging.Handler: Handler instances dispatch logging events to specific destinations.
• logging.LogRecord: A LogRecord instance represents an event being logged.
• logging.Logger: Instances of the Logger class represent a single logging channel. A
• logging.LoggerAdapter: An adapter for loggers which makes it easier to specify contextual
• logging.Manager: There is [under normal circumstances] just one Manager instance, which
• logging.NullHandler: This handler does nothing. It's intended to be used to avoid the
• logging.PercentStyle
• logging.PlaceHolder: PlaceHolder instances are used in the Manager logger hierarchy to take
• logging.RootLogger: A root logger is not that different to any other logger, except that
• logging.StrFormatStyle
• logging.StreamHandler: A handler class which writes logging records, appropriately formatted,
• logging.StringTemplateStyle
• yara_match.YaraMatch: Rich text decorator for YARA match dicts.

Functions

• yaralyzer.yaralyze: Entry point for Yaralyzer when invoked as a script. Args are parsed from the command line
• character_encodings.encoding_offsets: Get possible offsets for a given encoding. If the encoding is not in WIDE_UTF_ENCODINGS, return [0].
• character_encodings.encoding_width: Get the width of a character in bytes for a given encoding, which is the number of possible offsets.
• character_encodings.is_wide_utf: Check if the encoding is a wide UTF encoding (UTF-16 or UTF-32).
• character_encodings.scrub_c1_control_chars: Fill in a dict with integer keys/values corresponding to where a given char encoding has no chars
• console.console_print_with_fallback: rich.console.print() with fallback to regular print() if there's a Rich Markup issue.
• console.console_width: Current width set in console object.
• decoding_attempts_table.new_decoding_attempts_table: Build a new rich Table with two rows, the raw and hex views of the bytes_match data.
• file_export.export_json: Export YARA scan results to JSON.
• file_export.invoke_rich_export: Announce the export, perform the export, and announce completion.
• file_export.render_png: Turn the svg output into a png with Inkscape or cairosvg. Returns png path if successful.
• file_hashes_table.bytes_hashes_table: Build a Rich Table displaying the size, MD5, SHA1, and SHA256 hashes of a byte sequence.
• theme.argparse_style: RichHelpFormatterPlus strings:
• theme.color_theme_grid: Lay out the colors in 'styles' in a grid with a header panel.
• theme.theme_colors_with_prefix: Return a list of (name, style) Text objects for all styles in the theme that start with prefix.
• argument_parser.epilog: Returns a string with some rich text tags for color to be used as the --help footer.
• argument_parser.show_configurable_env_vars: Show the environment variables that can be used to set command line options, either
• exceptions.print_fatal_error: Print a fatal error message
• exceptions.print_fatal_error_and_exit: Print an error message and exit with code 'exit_code'.
• logging.addLevelName: Associate 'levelName' with 'level'.
• logging.basicConfig: Do basic configuration for the logging system.
• logging.captureWarnings: If capture is true, redirect all warnings to the logging package.
• logging.critical: Log a message with severity 'CRITICAL' on the root logger. If the logger
• timeout.timeout: From:
• error.yara_error_msg: Turn a mysterious YARA error code number into a human readable string.
• yara_rule_builder.build_yara_rule: Build a compiled yara.Rule object.
• yara_rule_builder.safe_label: YARA rule and pattern names can only contain alphanumeric chars.
• yara_rule_builder.yara_rule_string: Build a YARA rule string for a given pattern.

---

This file was automatically generated via lazydocs.