API Overview

Modules

• bytes_match: BytesMatch class for tracking regex and YARA matches against binary data.
• config: Configuration management for Yaralyzer.
• yaralyzer: Main Yaralyzer class and alternate constructors.
• bytes_decoder: BytesDecoder class for attempting to decode bytes with various encodings.
• decoding_attempt: Class to manage attempting to decode a chunk of bytes into strings with a given encoding.
• character_encodings: Constants related to character encodings.
• encoding_assessment: Helps with chardet library.
• encoding_detector: EncodingDetector class for managing chardet encoding detection.
• decoding_attempts_table: Methods to build the rich.table used to display decoding attempts of a given bytes array.
• file_export: Functions to export Yaralyzer results to various file formats.
• file_hashes_table: Methods for computing and displaying various file hashes.
• regex_match_metrics: RegexMatchMetrics class.
• rich_console: Variables and methods for working with Rich text output.
• argument_parser: Argument parsing for yaralyzer CLI tool.
• logging: Handle logging for yaralyzer.
• yara_match: Rich text decorator for YARA match dicts.
• yara_rule_builder: Builds bare bones YARA rules to match strings and regex patterns.

Classes

• bytes_match.BytesMatch: Simple class to keep track of regex matches against binary data.
• config.YaralyzerConfig: Handles parsing of command line args and environment variables for Yaralyzer.
• yaralyzer.Yaralyzer: Central class that handles setting up / compiling YARA rules and reading binary data from files as needed.
• bytes_decoder.BytesDecoder: Handles decoding a chunk of bytes into strings using various possible encodings, ranking and displaying results.
• decoding_attempt.DecodingAttempt: Manages the process of attempting to decode a chunk of bytes into a string using a specified encoding.
• encoding_assessment.EncodingAssessment: Class to smooth some of the rough edges around the dicts returned by chardet.detect_all().
• encoding_detector.EncodingDetector: Manager class to ease dealing with the encoding detection library chardet.
• decoding_attempts_table.DecodingTableRow: DecodingTableRow(encoding_label, confidence_text, errors_while_decoded, decoded_string, confidence, encoding, sort_score, encoding_label_plain)
• file_hashes_table.BytesInfo: BytesInfo(size, md5, sha1, sha256)
• regex_match_metrics.RegexMatchMetrics: Class to measure what we enounter as we iterate over all matches of a relatively simple byte level regex.
• argument_parser.OutputSection: OutputSection(argument, method)
• logging.BufferingFormatter: A formatter suitable for formatting a number of records.
• logging.FileHandler: A handler class which writes formatted logging records to disk files.
• logging.Filter: Filter instances are used to perform arbitrary filtering of LogRecords.
• logging.Filterer: A base class for loggers and handlers which allows them to share
• logging.Formatter: Formatter instances are used to convert a LogRecord to text.
• logging.Handler: Handler instances dispatch logging events to specific destinations.
• logging.LogRecord: A LogRecord instance represents an event being logged.
• logging.Logger: Instances of the Logger class represent a single logging channel. A
• logging.LoggerAdapter: An adapter for loggers which makes it easier to specify contextual
• logging.Manager: There is [under normal circumstances] just one Manager instance, which
• logging.NullHandler: This handler does nothing. It's intended to be used to avoid the
• logging.PercentStyle
• logging.PlaceHolder: PlaceHolder instances are used in the Manager logger hierarchy to take
• logging.RootLogger: A root logger is not that different to any other logger, except that
• logging.StrFormatStyle
• logging.StreamHandler: A handler class which writes logging records, appropriately formatted,
• logging.StringTemplateStyle
• yara_match.YaraMatch: Rich text decorator for YARA match dicts.

Functions

• config.config_var_name: Get the name of env_var and strip off YARALYZER_ prefix.
• config.is_env_var_set_and_not_false: Return True if var_name is not empty and set to anything other than "false" (capitalization agnostic).
• config.is_invoked_by_pytest: Return True if invoked in a pytest context.
• yaralyzer.yaralyze: Entry point for yaralyzer when invoked as a script.
• character_encodings.encoding_offsets: Get possible offsets for a given encoding. If the encoding is not in WIDE_UTF_ENCODINGS, return [0].
• character_encodings.encoding_width: Get the width of a character in bytes for a given encoding, which is the number of possible offsets.
• character_encodings.is_wide_utf: Check if the encoding is a wide UTF encoding (UTF-16 or UTF-32).
• character_encodings.scrub_c1_control_chars: Fill in a dict with integer keys/values corresponding to where a given char encoding has no chars
• decoding_attempts_table.assessment_only_row: Build a DecodingTableRow with just chardet assessment confidence data and no actual decoding attempt string.
• decoding_attempts_table.decoding_table_row: Build a table row for a decoding attempt.
• decoding_attempts_table.new_decoding_attempts_table: Build a new rich Table with two rows, the raw and hex views of the bytes_match data.
• file_export.export_json: Export YARA scan results to JSON.
• file_export.invoke_rich_export: Announce the export, perform the export, and announce completion.
• file_hashes_table.bytes_hashes_table: Build a Rich Table displaying the size, MD5, SHA1, and SHA256 hashes of a byte sequence.
• file_hashes_table.compute_file_hashes: Compute the size, MD5, SHA1, and SHA256 hashes for a given byte sequence.
• file_hashes_table.compute_file_hashes_for_file: Compute the size, MD5, SHA1, and SHA256 hashes for the contents of a file.
• rich_console.console_print_with_fallback: rich.console.print() with fallback to regular print() if there's a Rich Markup issue.
• rich_console.console_width: Current width set in console object.
• rich_console.console_width_possibilities: Returns a list of possible console widths, the first being the current terminal width.
• rich_console.print_fatal_error_and_exit: Print a fatal error message in a Panel and exit.
• rich_console.print_header_panel: Print a headline inside a styled Rich Panel to the console.
• rich_console.theme_colors_with_prefix: Return a list of (name, style) Text objects for all styles in the theme that start with prefix.
• argument_parser.get_export_basepath: Get the basepath (directory + filename without extension) for exported files.
• argument_parser.parse_arguments: Parse command line args. Most arguments can also be communicated to the app by setting env vars.
• logging.addLevelName: Associate 'levelName' with 'level'.
• logging.basicConfig: Do basic configuration for the logging system.
• logging.captureWarnings: If capture is true, redirect all warnings to the logging package.
• logging.configure_logger: Set up a file or stream logger depending on the configuration.
• logging.critical: Log a message with severity 'CRITICAL' on the root logger. If the logger
• yara_rule_builder.build_yara_rule: Build a compiled yara.Rule object.
• yara_rule_builder.safe_label: YARA rule and pattern names can only contain alphanumeric chars.
• yara_rule_builder.yara_rule_string: Build a YARA rule string for a given pattern.

---

This file was automatically generated via lazydocs.