Following our guide about regular expressions, we present a new, unique tool that can help you with the creation of such expressions, mainly those used in the YARA Cuckoo module. To fully understand the benefits of our new open...
For the fifth post of the Know Your YARA Rules series, we want to create a comprehensive manual for regular expressions that would improve your YARA rules. Why is it so complicated? When discussing regular expressions, we must first address the...
In the third post of the Know Your YARA Rules series, we mentioned that something is cooking up in the YARA world. In this post, we will investigate what the future holds for the YARA tool and its users. We are introducing the next generation of the...
In the third post of the Know Your YARA Rules series, we will look at the last release of the YARA tool and the reasons why it is a good idea to keep up to date with new versions of this open-source project. We will tell you about the interesting...
In the second post of the Know Your YARA Rules series, we will continue to explore more hurdles that keep you from achieving the maximum performance from your YARA rules. Today, we will demonstrate several examples where even a tiny change in your...
With this article, we are starting a new series on the Engineering blog – Know Your YARA Rules. In this series, we would like to share tips and tricks we learned from using YARA daily. We aim to pick lesser-known facts about YARA and how it...
YARA is a well-known tool in the security industry used to classify and identify malware samples. At Avast, we are trying our best to share our improvements and tools with the open-source community. Examples of this are the two recent blog posts...
YARA is a language and tool used to describe and match detection patterns for malware classification. At Avast, we actively contribute to the development of YARA-based tools and libraries. Recently, we open-sourced our YARA Language Server and now...
Welcome to part one of a series exploring our recently open-sourced YARA tools. In this article, we take a look at YARA Language Server (YLS). YARA is a tool and a language to classify and identify malware samples. The language consists of rules...
This blog post is based on some testing that I did some time ago. In my team at Avast, we are using YARA to its fullest potential, and even though we are satisfied with this tool overall, we’re constantly working on additional improvements (as...