Scan plugins support and Libyara

[buzzer-re]

This PR adds a LOT of things, here is everything included

Scan plugin basic structure

general_plugin

A pre-defined exported function for PE scans, if any plugin has a function called plugin_scan, it will be called with pe_ctx_t structure, this is used by the Yara plugin

Yara plugin support in pescan

yarascan.c

Using the scan plugin structure, at the end of all pescan work, we can call the general_plugin function scan_plugins_run_scan that will run ALL plugins that have the scan_pe exported function

Also, in the general makefile is created a plugin configuration folder and in the plugins makefile is created a yara_rule folder in this plugin config folder.

Example of rule: /usr/local/share/pev/plugins/yara_rules/<any_rule>.yar

The yara scan plugin will load all rules in the folder.

Example:

pescan -f json VirusShare_92c2bb8f606b2d01b42502eee3210396 
{
    "file entropy": "6.725520 (normal)",
    "fpu anti-disassembly": "no",
    "imagebase": "normal",
    "entrypoint": "normal",
    "DOS stub": "normal",
    "TLS directory": "not found",
    "timestamp": "normal",
    "section count": "4",
    "sections": [
        {
            ".text": "normal"
        },
        {
            ".rdata": "normal"
        },
        {
            ".data": "normal"
        },
        {
            ".rsrc": "normal"
        }
    ],
    "Yara": [
        "Microsoft_Visual_Cpp_v60",
        "Microsoft_Visual_Cpp_v50v60_MFC_additional",
        "Microsoft_Visual_Cpp_50",
        "Microsoft_Visual_Cpp_v50v60_MFC",
        "Armadillo_v4x",
        "Microsoft_Visual_Cpp"
    ]
}

Other changes

Move all the struct defintion and header includes from plugins.c to plugins.h, created a output interface for all plugins using function pointers to output functions like,output_open_scope, in pev_api struct.

[buzzer-re]

Need add libyara in github action