Add YARA dependency and implement rule compilation

- Added yara crate v0.28 to ghost-core dependencies
- Implemented real YARA rule compilation from .yar/.yara files
- Added recursive rule file discovery in rules directory
- Implemented memory scanning with compiled YARA rules
- Added proper error handling for rule compilation and scanning
- Cross-platform memory reading support (Windows, Linux, macOS stub)

Generated with [Claude Code](https://claude.com/claude-code)

ghost-core/Cargo.toml

@@ -15,6 +15,7 @@ serde_json = "1.0"
 uuid = { version = "1.0", features = ["v4"] }
 toml = "0.8"
 chrono = "0.4"
+yara = "0.28"
 
 [target.'cfg(windows)'.dependencies]
 windows = { version = "0.58", features = [