This is an API wrapper project that builds a vmmyara.dll/so that makes it easy to use the Yara API from within a C/C++ application. The main purpose of this project is to make it easy to use Yara from within the MemProcFS project.
- git clone vmmyara:
git clone --recurse-submodules https://github.com/ufrisk/vmmyara
- Open the YARA solution at: ./yara/windows/vs2019/yara.sln
- Upgrade to VS2022 and latest platform toolset when asked on first open.
- Build release x64 (or x86).
- On a successful build close the YARA solution.
- Open the vmmyara solution at: ./vmmyara.sln
- Build release x64 (or x86).
- On a successful build close the vmmyara solution.
- The resulting file vmmyara.dll will be in bin/x64/ (or bin/x86/).
Complete the above build flow once for each architecture. It's not possible to first build YARA for both 32-bit and 64-bit and then build vmmyara.
- Install dependencies.
sudo apt-get install automake libtool make gcc pkg-config flex bison libssl-dev libtool-bin
- git clone vmmyara:
git clone --recurse-submodules https://github.com/ufrisk/vmmyara
- cd into the yara directory relative to the vmmyara root - i.e.
cd yara
. ./bootstrap.sh
./configure --with-crypto CFLAGS="-fPIC"
make
- cd into the vmmyara project directory relative to the vmmyara root, i.e.
cd vmmyara
make
- The resulting file vmmyara.so will be in the bin folder.
The release is not signed. Reason for this is that I don't maintain the yara project and I don't sign other peoples code with my code signing certificate. It's really a shame that the YARA project don't provide official DLLs.