Overview

YARA Project page - GitHub

One of the most essential tools in the modern malware analyst's and incident responder's toolbox is YARA, a straightforward engine that quickly scans files and reports rule matches: each YARA rule defines textual or binary patterns, and a file matches when the rule's condition over those patterns holds for its contents. It is multi-platform, running on Linux, macOS, and Windows.

Description

From the project page:

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns.
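To make the "descriptions based on textual or binary patterns" concrete, here is an added example rule written for this page; it is not code from the YARA project or from the original page. The family name, the mutex string, the hex sequence and the beacon path are all constructed placeholders for illustration, not indicators taken from a real sample. It shows the three pattern kinds a rule can carry (text, hex with wildcards and jumps, regular expression) and a condition that combines them with header and size checks.

```yara
/*
  Added example rule, not from the YARA project or the original page.
  "Example_Loader" and every pattern below are constructed placeholders,
  not indicators from a real sample.
*/
rule Example_Loader_Strings
{
    meta:
        description = "Constructed example: flags PE files carrying a hypothetical loader's strings"
        author      = "example"
        reference   = "https://github.com/VirusTotal/yara"
        severity    = "medium"

    strings:
        // text pattern, matched case-insensitively in both ASCII and UTF-16LE
        $s1 = "ExampleLoaderMutex_v2" ascii wide nocase

        // hex pattern: ?? is a wildcard byte, [2-4] skips two to four bytes
        $h1 = { 68 ?? ?? 40 00 E8 [2-4] 85 C0 74 }

        // regular expression for a hypothetical check-in URL path
        $r1 = /\/api\/v[0-9]\/checkin\?id=[a-f0-9]{8}/ ascii

    condition:
        // cheap checks first: MZ header at offset 0 and a size ceiling
        uint16(0) == 0x5A4D and filesize < 2MB and
        // the mutex string plus at least one of the other two patterns
        $s1 and 1 of ($h1, $r1)
}
```

Save the rule as, for instance, `example.yar` and run `yara -s -r example.yar ./samples` to scan a directory tree; `-s` prints each matching string with its offset so an analyst can see which pattern fired, and `-m` prints the `meta` fields alongside the rule name. Putting the header and `filesize` checks before the string tests keeps the rule fast over large sample sets, and requiring `$s1` together with a second, independent pattern reduces false positives from a single coincidental string.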

Companion tools

Loki

yarGen

Valhalla

A threat-intel site oriented toward YARA rules