/yari

YARI is an interactive debugger for YARA Language.

Primary LanguageRustMIT LicenseMIT

YARI - YARA Interactive

Interactive debugger for the YARA language written in Rust. Debugger directly calls libyara avoiding emulation to get the most accurate results.

🚀 Features:

  • Call functions from modules
  • Get the value of module constants
  • Evaluate complex expressions
  • Check the matches of strings
  • Support for external variables
  • Integration with YARA Language Server

Showcase

For more information, check out:

Installation

To setup your environment please follow instructions from the YLS wiki.

Interactive shell

Binary accepts the same arguments as original yara binary.

λ yari /bin/sh
>> elf.number_of_sections
Integer(26)
>>

License

Copyright (c) 2022 Avast Software, licensed under the MIT license. See the LICENSE file for more details.

YARI and its related projects uses third-party libraries or other resources listed, along with their licenses, in the yari-sys/LICENSE-THIRD-PARTY file.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)