
YARA


YARA, aka Yet Another Recursive Acronym, is an open source programming language created in 2008 by Victor M. Alvarez.

#215 on PLDB, 16 years old, 812 repos
Download source code:
git clone https://github.com/VirusTotal/yara

YARA is a tool used primarily in malware research and detection. It provides a rule-based approach to describing malware families based on textual or binary patterns. Each description is a named YARA rule, and a rule consists of a set of strings and a boolean expression.


Example from the web:
rule silent_banker : banker
{
    meta:
        description = "This is just an example"
        threat_level = 3
        in_the_wild = true
    strings:
        $a = {6A 40 68 00 30 00 00 6A 14 8D 91}
        $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9}
        $c = "UVODFRYSIHLNWPEJXQZAKCBGMT"
    condition:
        $a or $b or $c
}
Example from Linguist:
rule test { condition: true }
