diff --git a/pkgs/development/python-modules/yara-python/default.nix b/pkgs/development/python-modules/yara-python/default.nix new file mode 100644 index 00000000000..569bf0ef80d --- /dev/null +++ b/pkgs/development/python-modules/yara-python/default.nix @@ -0,0 +1,41 @@ +{ lib +, buildPythonPackage +, fetchFromGitHub +, pytestCheckHook +, yara +}: + +buildPythonPackage rec { + pname = "yara-python"; + version = "4.0.5"; + + src = fetchFromGitHub { + owner = "VirusTotal"; + repo = "yara-python"; + rev = "v${version}"; + sha256 = "1qd0aw5p48ay77hgj0hgzpvbmq1933mknk134aqdb32036rlc5sq"; + }; + + buildInputs = [ + yara + ]; + + checkInputs = [ + pytestCheckHook + ]; + + setupPyBuildFlags = [ + "--dynamic-linking" + ]; + + pytestFlagsArray = [ "tests.py" ]; + + pythonImportsCheck = [ "yara" ]; + + meta = with lib; { + description = "Python interface for YARA"; + homepage = "https://github.com/VirusTotal/yara-python"; + license = with licenses; [ asl20 ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/development/tools/apkid/default.nix b/pkgs/development/tools/apkid/default.nix new file mode 100644 index 00000000000..2cb1c4e8d00 --- /dev/null +++ b/pkgs/development/tools/apkid/default.nix @@ -0,0 +1,44 @@ +{ lib +, fetchFromGitHub +, python3 +}: + +python3.pkgs.buildPythonApplication rec { + pname = "apkid"; + version = "2.1.1"; + + src = fetchFromGitHub { + owner = "rednaga"; + repo = "APKiD"; + rev = "v${version}"; + sha256 = "1p6kdjjw2jhwr875445w43k46n6zwpz0l0phkl8d3y1v4gi5l6dx"; + }; + + propagatedBuildInputs = with python3.pkgs; [ + yara-python + ]; + + checkInputs = with python3.pkgs; [ + pytestCheckHook + ]; + + preBuild = '' + # Prepare the YARA rules + ${python3.interpreter} prep-release.py + ''; + + postPatch = '' + # The next release will have support for later yara-python releases + substituteInPlace setup.py \ + --replace "yara-python==3.11.0" "yara-python" + ''; + + pythonImportsCheck = [ "apkid" ]; + + meta = with lib; { + description = "Android Application Identifier"; + homepage = "https://github.com/rednaga/APKiD"; + license = with licenses; [ gpl3Only ]; + maintainers = with maintainers; [ fab ]; + }; +} diff --git a/pkgs/tools/security/yara/default.nix b/pkgs/tools/security/yara/default.nix index 844004c3b9e..506bf0f719d 100644 --- a/pkgs/tools/security/yara/default.nix +++ b/pkgs/tools/security/yara/default.nix @@ -6,8 +6,11 @@ , pkg-config , protobufc , withCrypto ? true, openssl -, enableMagic ? true, file , enableCuckoo ? true, jansson +, enableDex ? true +, enableDotNet ? true +, enableMacho ? true +, enableMagic ? true, file }: stdenv.mkDerivation rec { @@ -46,14 +49,18 @@ stdenv.mkDerivation rec { configureFlags = [ (lib.withFeature withCrypto "crypto") - (lib.enableFeature enableMagic "magic") (lib.enableFeature enableCuckoo "cuckoo") + (lib.enableFeature enableDex "dex") + (lib.enableFeature enableDotNet "dotnet") + (lib.enableFeature enableMacho "macho") + (lib.enableFeature enableMagic "magic") ]; meta = with lib; { description = "The pattern matching swiss knife for malware researchers"; homepage = "http://Virustotal.github.io/yara/"; license = licenses.asl20; + maintainers = with maintainers; [ fab ]; platforms = platforms.all; }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 907c5d5859b..020cb17a25a 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -961,6 +961,8 @@ in lua = lua5_3; }; + apkid = callPackage ../development/tools/apkid { }; + apktool = callPackage ../development/tools/apktool { inherit (androidenv.androidPkgs_9_0) build-tools; }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 9e4dd92903e..4003f3b14bc 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -9160,6 +9160,8 @@ in { Yapsy = callPackage ../development/python-modules/yapsy { }; + yara-python = callPackage ../development/python-modules/yara-python { }; + yarg = callPackage ../development/python-modules/yarg { }; yarl = callPackage ../development/python-modules/yarl { };