yara

$ target-query <path/to/target> -f yara
Details

Module

filesystem.yara.YaraPlugin

Output

records

Module documentation

Plugin to scan files against a local YARA rules file.

Function documentation

Scan files inside the target up to a given maximum size with YARA rule file(s).

Args:

rules: list of strings or Path objects pointing to rule files to use. path: string of absolute target path to scan. max_size: Files larger than this size will not be scanned. check: Check if provided rules are valid, only compiles valid rules.

Returns:

Iterator yields YaraMatchRecord.