VirusTotal / yara

The pattern matching swiss knife
https://virustotal.github.io/yara/
BSD 3-Clause "New" or "Revised" License
8.26k stars 1.44k forks source link

Allow compiled rule input from stdin without "hacks" #1867

Open TaaviE opened 1 year ago

TaaviE commented 1 year ago

Is your feature request related to a problem? Please describe. I would like to run Yara with programmatically generated compiled rulesets and run Yara without writing the rules to the filesystem.

Describe the solution you'd like That I could combine --compiled-rules with piping the rules straight into Yara, just like it allows with non-compiled rules.

Describe alternatives you've considered Telling Yara that the path to rules is the stdin fd. It works but it's really ugly.