microengine.yara

Module Contents

microengine.yara.logger
microengine.yara.RULES_DIR
class microengine.yara.Scanner

Bases: polyswarmclient.abstractscanner.AbstractScanner

scan_sync(self, guid, artifact_type, content, metadata, chain)

Scan an artifact with Yara.

Parameters
  • guid (str) – GUID of the bounty under analysis, used to track artifacts in the same bounty

  • artifact_type (ArtifactType) – Artifact type for the bounty being scanned

  • content (bytes) – Content of the artifact to be scanned

  • metadata (dict) –

  • chain (str) – Chain we are operating on

Returns

Result of this scan

Return type

ScanResult

class microengine.yara.Microengine(client, testing=0, scanner=None, chains=None, artifact_types=None, **kwargs)

Bases: polyswarmclient.abstractmicroengine.AbstractMicroengine

Microengine which matches samples against yara rules