YARA explained

Released: 2013
Designer: Victor Alvarez

YARA is a tool primarily used in malware research and detection.

It provides a rule-based approach to creating descriptions of malware families based on regular-expression, textual, or binary patterns. Each description is essentially a named YARA rule, and each rule consists of a set of strings and a Boolean expression.[1]

History

YARA was originally developed by Victor Alvarez of VirusTotal and released on GitHub in 2013.[2] The name is an abbreviation of YARA: Another Recursive Acronym or Yet Another Ridiculous Acronym.[3]

Design

By default, YARA comes with modules for analyzing PE and ELF files, as well as support for the open-source Cuckoo sandbox.
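The rule below is an added example, not taken from the YARA documentation or any published rule set. It shows the three pattern types named above (textual, binary, regular expression) combined by a Boolean condition that also reads a field from the PE module. The rule name and every pattern value are constructed for illustration and do not describe a real malware family.

```yara
import "pe"

rule Example_Constructed_Sample
{
    meta:
        description = "Illustration only: constructed patterns, not real indicators"

    strings:
        // Textual pattern, matched as ASCII and UTF-16LE, ignoring case
        $text = "example-constructed-marker" ascii wide nocase

        // Binary pattern: hex bytes with one wildcard byte (??)
        // and a variable-length jump of 2 to 4 bytes
        $hex = { DE AD ?? EF [2-4] 00 01 }

        // Regular-expression pattern
        $re = /config_[a-z]{4,8}\.(dat|bin)/

    condition:
        // Boolean expression: the file must start with the MZ magic,
        // parse as a PE with at least one section, stay under 2 MB,
        // and contain either the text marker or the hex pattern
        // together with two or more regex matches.
        uint16(0) == 0x5A4D and
        pe.number_of_sections > 0 and
        filesize < 2MB and
        ($text or ($hex and #re >= 2))
}
```

Saved to a rule file, it is evaluated with the `yara` command-line tool, which takes the rule file followed by the path to scan.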

Notes and References

  1. "Welcome to YARA's documentation!". yara.readthedocs.io. 2023-09-18.
  2. "Release v1.7.1". GitHub.
  3. Victor M. Alvarez (@plusvic). Tweet 778983467627479040. 22 September 2016. "@milliped @yararules YARA is an acronym for: YARA: Another Recursive Acronym, or Yet Another Ridiculous Acronym. Pick your choice."