| FileSize | 75800 |
| MD5 | AC3B1F8E384EB37434410805FA716C7B |
| PackageDescription | help to identify and classify malwares
YARA is a tool aimed at helping malware researchers to identify
and classify malware samples. With YARA you can create descriptions
of malware families based on textual or binary patterns contained
on samples of those families. Each description consists of a set of
strings and a Boolean expression which determines its logic. This is
useful in forensics analysis.
.
Complex and powerful rules can be created by using binary strings with
wild-cards, case-insensitive text strings, special operators, regular
expressions and many other features.
.
Are examples of the organizations and services using YARA:
.
- VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
- jsunpack-n (http://jsunpack.jeek.org/)
- We Watch Your Website (http://www.wewatchyourwebsite.com/)
- FireEye, Inc. (http://www.fireeye.com)
- Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
Fidelis-XPS)
.
The Volatility Framework is an example of the software that uses YARA. |
| PackageMaintainer | Debian Forensics <forensics-devel@lists.alioth.debian.org> |
| PackageName | yara |
| PackageSection | utils |
| PackageVersion | 3.1.0-2+deb8u1 |
| SHA-1 | E9740C514246D23BB72A2DA11D1A2A78AAF07237 |
| SHA-256 | 1162BA1543FD942C58D0BEF1DD879F8C0BA9B3E70E5753CD4670F3F46D163494 |