yextend 1.6

version 1.6 contains:

• numerous bug fixes and improvements based on feedback from Coverity's static analysis product
• added support for bzip2
• added numerous new file type detection patterns
• added macro file detection inside of .docm files
• added support for JSON output (standard and advanced)

yextend 1.5

Changes and/or additions to yextend in version 1.5:

• native parsing for PDF documents such that the Yara rulesets are now running against:
  • the target PDF's binary data set
  • the raw text (extracted out of the binary data set) from the target PDF
• file type detection has been re-written so that it is now performed against a Yara ruleset
• added some initial debug code (based on bool flag)
• more test files added
• nose based unit tests added
• yextend is now licensed via the BSD (3-clause) license

yextend 1.4

v 1.4 has some output enhancements (variable names and offsets along with relevant ruleset name) and a new way of running yextend via executable 'run_yextend'.

yextend 1.3

yextend 1.3 has been built to work with yara 3.4, it also now outputs metadata from rule 'meta' sections

yextend 1.2

Version 1.2 is an adjustment for yextend to work with version 3.3 of yara. A few functions were changed on the yara side and this rendered yextend 1.1.1 inoperable.

yextend 1.1.1

• added new file type detection patterns

yextend 1.1

• activated the processing of RAR archives (single file, unencrypted)
• cleaned up includes that are no longer needed
• small tweak to reduce false positive results in the archive anomaly calculation