yara_lite

package
v0.0.0-...-33f6857 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 14, 2025 License: MIT Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Rule 

type Rule struct {
	Name        string
	Tags        []string
	Meta        map[string]string
	Strings     []*regexp.Regexp // 编译好的正则列表
	StringNames []string         // 对应的字符串名称 ($a, $b)
}

Rule 代表一个简化的 YARA 规则

type Scanner 

type Scanner struct {
	Rules []Rule
}

Scanner 是 YARA-Lite 扫描器

func NewScanner 

func NewScanner(fsys fs.FS, ruleDir string) (*Scanner, error)

NewScanner 加载指定文件系统和目录下的所有 .yar 文件

func (*Scanner) Scan 

func (s *Scanner) Scan(content []byte) []string

Scan 扫描内容并返回匹配的规则名

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.