modularize

Changelog

@@ -0,0 +1,23 @@
+Changelog
+​All notable changes to this project will be documented in this file.
+​[1.0.0] - 2026-04-01
+​Added
+​Modern Python Packaging: Added pyproject.toml to support setuptools and PEP 621 standards.
+​Entry Points: Created CLI commands for all standalone scripts, allowing them to be run globally after installation:
+​yaraify-submit
+​yaraify-lookup
+​yaraify-rule
+​yaraify-task
+​yaraify-list
+​yaraify-rescan
+​Package Initialization: Added yaraify/__init__.py to allow the directory to be treated as a Python module.
+​Automation Support: Enabled "pip install" functionality, making it easier to integrate YARAify into SIEM platforms (e.g., Wazuh), SOAR workflows, and IR playbooks.
+​Changed
+​Directory Structure: Moved standalone scripts into the yaraify/ package directory to support standard Python import conventions.
+​Improved Execution: Standardized the way scripts handle system arguments via the new entry point pointers.
+​Fixed
+​Dependency Management: Centralized requirements (like requests) into the build configuration to ensure a consistent environment across different systems.
+​Why this matters for the PR:
+​Clarity: It shows you aren't just "messing with files"—you are adding versioning.
+​Professionalism: It signals to Abuse.ch that this is a stable, production-ready update.
+​Traceability: If someone's automation breaks because they were hard-coding a path like /usr/bin/yaraify_submit.py, this log explains that the new standard is yaraify-submit.

README.md

@@ -1,5 +1,14 @@
 # YARAify
-YARAify is an open YARA scan- and search engine. This repository provides some sample python3 scripts on how to interact with the YARAify API.
+
+YARAify is an open YARA scan and search engine. This repository provides Python 3 scripts for interacting with the YARAify API.
+
+## 🚀 Installation & Setup
+
+To use these scripts globally as command-line tools (recommended for automation and ease of use), install the package from the root directory:
+
+```bash
+pip install .
+
 
 ## Obtain an Auth-Key
 In order to query the YARA API, you need to obtain an ```Auth-Key```.  If you don't have an Auth-Key yet, you can get one at https://auth.abuse.ch/ for free.

pyproject.toml

@@ -0,0 +1,33 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "yaraify"
+version = "1.0.0"
+description = "CLI and SDK pointers for Abuse.ch YARAify scripts"
+readme = "README.md"
+requires-python = ">=3.8"
+authors = [{name = "Abuse.ch", email = "info@abuse.ch"}]
+license = {text = "MIT"}
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent",
+    "Topic :: Security",
+]
+dependencies = [
+    "requests",
+]
+
+[project.urls]
+"Homepage" = "https://github.com/abusech/YARAify"
+
+[project.scripts]
+yaraify-submit = "yaraify:submit"
+yaraify-lookup = "yaraify:lookup_hash"
+yaraify-rule   = "yaraify:lookup_rule"
+yaraify-task   = "yaraify:check_task"
+yaraify-list   = "yaraify:list_tasks"
+yaraify-rescan = "yaraify:rescan"
+yaraify-upload = "yaraify:upload_rule"

setup.py

@@ -0,0 +1,15 @@
+from setuptools import setup, find_packages
+
+setup(
+    name="yaraify",
+    version="0.1.0",
+    packages=find_packages(),
+    install_requires=[
+        "requests",
+    ],
+    entry_points={
+        'console_scripts': [
+            'yaraify=yaraify.main:main',
+        ],
+    },
+)

yaraify/__init__.py

@@ -0,0 +1,44 @@
+# yaraify/__init__.py
+import subprocess
+import sys
+import os
+
+__version__ = "1.0.0"
+
+
+def _run(script_name):
+    """Internal helper to execute the scripts as they are."""
+    script_path = os.path.join(os.path.dirname(__file__), f"{script_name}.py")
+    # We use subprocess to run the script in a fresh process,
+    # ensuring it gets its own sys.argv and environment.
+    cmd = [sys.executable, script_path] + sys.argv[1:]
+    subprocess.run(cmd)
+
+
+# Function pointers for the pyproject.toml entry points
+def submit():
+    _run("yaraify_submit")
+
+
+def lookup_hash():
+    _run("yaraify_lookup_hash")
+
+
+def lookup_rule():
+    _run("yaraify_lookup_yara-rule")
+
+
+def check_task():
+    _run("yaraify_check_taskid")
+
+
+def list_tasks():
+    _run("yaraify_list_tasks")
+
+
+def rescan():
+    _run("yaraify_rescan")
+
+
+def upload_rule():
+    _run("upload_yara_rule")