Following our guide about regular expressions, we present a new unique tool that can help you with a creation of such expressions, mainly for those used in the YARA Cuckoo module. To fully understand the benefits of our new open...
For the fifth post of the Know Your YARA Rules series, we want to create a comprehensive manual for regular expressions that would improve your YARA rules. Why is it so complicated? When discussing regular expressions, we must first address the...
In the third post of the Know Your YARA Rules series, we mentioned that something is cooking up in the YARA world. In this post, we will investigate what the future holds for the YARA tool and its users. We are introducing the next generation of the...
In the third post of the Know Your YARA Rules series, we will look at the last release of the YARA tool and reasons why it is a good idea to be up to date about new versions of this open-source project. We will tell you about the interesting...
In the second post of the Know Your YARA Rules series, we will continue to explore more hurdles that keep you from achieving the maximum performance from your YARA rules. Today, we will demonstrate several examples where even a tiny change in your...
With this article, we are starting a new series on the Engineering blog – Know Your YARA Rules. In this series, we would like to share tips and tricks we learned from using YARA daily. We aim to pick fewer known facts about YARA and how it...
This blog post is based on some testing that I did some time ago. In my team at Avast, we are using Yara to its fullest potential, and even though we are satisfied with this tool overall, we’re constantly working on additional improvements (as...
This blog post is based on my paper Pattern Matching in YARA: Improved Aho-Corasick Algorithm and a pull request that I opened on the upstream version of Yara. My main goal is to describe the changes from a more practical point of view and also...