This repository contains a list of known YARA rules that researchers can use according to their needs. The repository is open source and can be used by end users as long as they follow the GNU General Public License v3.

z0m31en7/yara-rules

 
 

YARA Rules

About YARA

YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a. rule, consists of a set of strings and a boolean expression which determine its logic.

New to YARA?

You can check these links if you are new to YARA and want to learn more about it:

Writing Your Own YARA Rule: https://yara.readthedocs.io/en/v3.4.0/writingrules.html

Running YARA From Command Line: https://yara.readthedocs.io/en/v3.4.0/commandline.html

Using YARA For Malware Detection: https://us-cert.cisa.gov/sites/default/files/FactSheets/NCCIC%20ICS_FactSheet_YARA_S508C.pdf

Detecting Malicious Files With YARA Rules As They Traverse the Network: https://i.blackhat.com/USA-19/Wednesday/us-19-Bernal-Detecting-Malicious-Files-With-YARA-Rules-As-They-Traverse-the-Network-wp.pdf

Writing Effective YARA Signatures to Identify Malware: https://insights.sei.cmu.edu/sei_blog/2012/11/writing-effective-yara-signatures-to-identify-malware.html

Useful Links:

Signature-Based Detection With YARA: https://securityintelligence.com/signature-based-detection-with-yara/

Latest YARA documentation: http://yara.readthedocs.io/en/latest/

YARA: Simple and Effective Way of Dissecting Malware: http://resources.infosecinstitute.com/yara-simple-effective-way-dissecting-malware/

Contribution

I totally look forward to contributions from other users to this repository. In order to contribute, the user can create a pull request with the content they would like to add.

Contact

Twitter: https://twitter.com/0x9747/

Instagram: https://instagam.com/umairnehri9747/
