I would also like to know which is the desired use of capture groups. On Tue, Jun 22, 2021 at 11:58 PM [email protected] <[email protected]> wrote:
> Without details on the desired use of capture groups, this question is > difficult to answer. I recommend adding a detailed feature request that > includes one or more examples that fail to match the target file without a > capture group. > > YARA moved away from PCRE/RE2 in YARA 2.0, which also had a significant > performance increase. > https://github.com/VirusTotal/yara/tree/v2.0.0 > https://www.youtube.com/watch?v=ApAFU5ROo10 > > If you just want remove parts of the matched string, that can be done in > yara-python. If you want to include the regexp with the capture group in > the rule itself, I'd recommend looking at how stoQ identifies the XOR key > with yarascan. > > On Tuesday, June 22, 2021 at 9:14:03 PM UTC+2 [email protected] wrote: > >> Hi, >> >> Is there a chance that capture groups will ever be implemented in yara? >> >> Thanks, >> Dan N >> > -- > You received this message because you are subscribed to the Google Groups > "YARA" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/yara-project/302fabc6-74f2-4a13-8733-d86b075405een%40googlegroups.com > <https://groups.google.com/d/msgid/yara-project/302fabc6-74f2-4a13-8733-d86b075405een%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "YARA" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/yara-project/CAD7Y4L4Hs_5iWY5JXY0nWjjzbMAXSNnjPq4qna65eaHM7sbOvg%40mail.gmail.com.
