
gyp's Introduction


gyp (go-yara-parser)

gyp is a Go library for parsing YARA rules. It uses the same grammar and lexer files as the original libyara to ensure that lexing and parsing work exactly like YARA. This library produces an Abstract Syntax Tree (AST) for the parsed YARA rules. Additionally, the AST can be serialized as a Protocol Buffer, which facilitates its manipulation in other programming languages.

Go Usage

The example below illustrates the usage of gyp. It is a simple program that reads a YARA source file from the standard input, creates the corresponding AST, and writes the rules back to the standard output. The resulting output won't be exactly like the input: during parsing and re-generation of the rules, the text is reformatted and comments are lost.

package main

import (
	"log"
	"os"

	"github.com/VirusTotal/gyp"
)

func main() {
	ruleset, err := gyp.Parse(os.Stdin)
	if err != nil {
		log.Fatalf(`Error parsing rules: %v`, err)
	}
	if err = ruleset.WriteSource(os.Stdout); err != nil {
		log.Fatalf(`Error writing rules: %v`, err)
	}
}

Development

Setup development environment (Linux)

  1. Install the required packages using your package manager (apt is assumed in the following example):
	apt update && apt install \
		automake \
		bison \
		help2man \
		m4 \
		texinfo \
		texlive
  2. Install golang following the provided installation instructions.
  3. Install golang protobuf package following the provided installation instructions.
  4. Install the project dependencies:
  • go get golang.org/x/tools/cmd/goyacc
  • go get github.com/pebbe/flexgo/...
  • Add the environment variable FLEXGO, pointing to the flexgo folder in your Go workspace (e.g., $HOME/go/src/github.com/pebbe/flexgo).
  • cd ${FLEXGO} && ./configure && cd -
  • make -C ${FLEXGO} && make -C ${FLEXGO} install

Build project

The Makefile includes targets for quickly building the parser and lexer and the data protocol buffer, as well as the y2j and j2y command-line tools:

  • Build rulesets parser and lexer: make grammar
  • Build hex strings parser and lexer: make hexgrammar
  • Build ruleset protocol buffer: make proto
  • Build y2j tool: make y2j
  • Build j2y tool: make j2y

License and third party code

This project uses code from yara-parser by Northern-Lights, which is available under the MIT license (see LICENSES_THIRD_PARTIES).

gyp's People

Contributors

plusvic, wxsbsd, guspascual, zohiartze, gazunder, targodan, wayrick
