Python Plyara.rebuild_yara_rule Examples

Programming Language: Python

Namespace/Package Name: plyara

Class/Type: Plyara

Method/Function: rebuild_yara_rule

Examples at hotexamples.com: 5

Python Plyara.rebuild_yara_rule - 5 examples found. These are the top rated real world Python examples of plyara.Plyara.rebuild_yara_rule extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

Plyara(30)

parse_string(7)

rebuild_yara_rule(5)

generate_logic_hash(4)

clear(3)

detect_dependencies(3)

detect_imports(3)

is_valid_rule_name(3)

Example #1

Show file

File: unit_tests.py Project: benua74/plyara

 def test_rebuild_yara_rule_metadata(self):
     test_rule = """
     rule check_meta {
         meta:
             string_value = "TEST STRING"
             string_value = "DIFFERENT TEST STRING"
             string_value = ""
             bool_value = true
             bool_value = false
             digit_value = 5
             digit_value = 10
         condition:
             true
     }
     """
     parsed = Plyara().parse_string(test_rule)
     for rule in parsed:
         with self.assertWarns(DeprecationWarning):
             unparsed = Plyara.rebuild_yara_rule(rule)
         self.assertIn('string_value = "TEST STRING"', unparsed)
         self.assertIn('string_value = "DIFFERENT TEST STRING"', unparsed)
         self.assertIn('string_value = ""', unparsed)
         self.assertIn('bool_value = true', unparsed)
         self.assertIn('bool_value = false', unparsed)
         self.assertIn('digit_value = 5', unparsed)
         self.assertIn('digit_value = 10', unparsed)

Example #2

Show file

File: unit_tests.py Project: rholloway/plyara

    def test_rebuild_yara_rule(self):
        with codecs.open('tests/data/rebuild_ruleset.yar',
                         'r',
                         encoding='utf-8') as f:
            inputString = f.read()

        result = Plyara().parse_string(inputString)

        rebuilt_rules = ""
        for rule in result:
            rebuilt_rules += Plyara.rebuild_yara_rule(rule)

        self.assertEqual(inputString, rebuilt_rules)

Example #3

Show file

File: models.py Project: youngjun-chang/YaraGuardian

    def format_rule(self):
        raw_rule = {}

        raw_rule['rule_name'] = self.name
        raw_rule['tags'] = self.tags
        raw_rule['imports'] = self.imports
        raw_rule['metadata'] = self.metadata
        raw_rule['strings'] = self.strings
        raw_rule['condition_terms'] = self.condition
        raw_rule['scopes'] = self.scopes

        formatted_rule = Plyara.rebuild_yara_rule(raw_rule)
        return formatted_rule

Example #4

Show file

File: unit_tests.py Project: benua74/plyara

    def test_rebuild_yara_rule(self):
        with data_dir.joinpath('rebuild_ruleset.yar').open(
                'r', encoding='utf-8') as fh:
            inputString = fh.read()

        result = Plyara().parse_string(inputString)

        rebuilt_rules = str()
        with self.assertWarns(DeprecationWarning):
            for rule in result:
                rebuilt_rules += Plyara.rebuild_yara_rule(rule)

        self.assertEqual(inputString, rebuilt_rules)

Example #5

Show file

 def test_rebuild_yara_rule_metadata(self):
     test_rule = """
     rule check_meta {
         meta:
             string_value = "TEST STRING"
             bool_value = true
             digit_value = 5
         condition:
             true
     }
     """
     parsed = Plyara().parse_string(test_rule)
     for rule in parsed:
         unparsed = Plyara.rebuild_yara_rule(rule)
         self.assertTrue('string_value = "TEST STRING"' in unparsed)
         self.assertTrue('bool_value = true' in unparsed)
         self.assertTrue('digit_value = 5' in unparsed)