yara

This entry is part 17 of 23 in the series Threat Detection Engineering

Views: 30“The pattern matching swiss knife for malware researchers (and everyone else)” Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR Report” shares YARA rules derived from their investigations, https://github.com/The-DFIR-Report/Yara-RulesYara DFIR Report YARA in a nutshell YARA is a tool aimed at (but not limited … Read more

Yara 101

by Bharath Narayanasamy

This entry is part 5 of 23 in the series Threat Detection Engineering

Views: 15YARA is a powerful pattern-matching tool and rule format used for identifying and classifying files based on specific patterns, characteristics, or content. SOC analysts commonly use YARA rules to detect and classify malware samples, suspicious files, or indicators of compromise (IOCs). Yara is an essential tool used by SOC analysts to enhance their threat detection … Read more