From 540161e8fef9def36fd768ea345804969efa604d Mon Sep 17 00:00:00 2001
From: Ron Rosson
Date: Mon, 26 Jul 2010 13:37:46 -0500
Subject: Add formula for YARA

YARA is a tool aimed at helping malware researchers to identify and classify
malware samples. With YARA you can create descriptions of malware families
based on textual or binary patterns contained on samples of those families.
Each description consists of a set of strings and a Boolean expression which
determines its logic.

Signed-off-by: Adam Vandenberg <flangy@gmail.com>
---
 Library/Formula/yara.rb | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 Library/Formula/yara.rb

(limited to 'Library/Formula')

diff --git a/Library/Formula/yara.rb b/Library/Formula/yara.rb
new file mode 100644
index 000000000..b49a32b0b
--- /dev/null
+++ b/Library/Formula/yara.rb
@@ -0,0 +1,14 @@
+require 'formula'
+
+class Yara <Formula
+  url 'http://yara-project.googlecode.com/files/yara-1.4.tar.gz'
+  homepage 'http://code.google.com/p/yara-project/'
+  md5 'ecc744a67482dc9d717936ccd69dc39f'
+
+  depends_on 'pcre'
+
+  def install
+    system "./configure", "--disable-debug", "--disable-dependency-tracking", "--prefix=#{prefix}"
+    system "make install"
+  end
+end
-- 
cgit v1.2.3