YARA v4.0.0 Released - The Pattern Matching Swiss Knife

by martyb from SoylentNews on (#52X0M)

An Anonymous Coward writes:

YARA version 4.0.0 has been released.

YARA is the name of a tool primarily used in malware research and detection. YARA was originally developed by Victor Alvarez of VirusTotal. The name is either an abbreviation of YARA: Another Recursive Acronym, or Yet Another Ridiculous Acronym. YARA by default comes with modules to process PE, ELF analysis, as well as support for the open-source Cuckoo sandbox. [1]

From the YARA GitHub page:

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic.

[...] more complex and powerful rules can be created by using wild-cards, case-insensitive strings, regular expressions, special operators and many other features that you'll find explained in YARA's documentation.

YARA has been called, "The pattern matching swiss knife."

[1] https://en.wikipedia.org/wiki/YARA
