PLDB
Languages Features Calendar CSV Lists Blog About Sponsor Add Language
GitHub icon

YARA

YARA

YARA, aka Yet Another Recursive Acronym, is a pl created in 2008 by Victor M. Alvarez.

#283on PLDB 14Years Old 10.1kUsers
0Books 0Papers 812Repos

YARA is the name of a tool primarily used in malware research and detection. It provides a rule-based approach to create descriptions of malware families based on textual or binary patterns. A description is essentially a Yara rule name, where these rules consist of sets of strings and a boolean expression. Read more on Wikipedia...


Example from the web:
rule silent_banker : banker { meta: description = "This is just an example" threat_level = 3 in_the_wild = true strings: $a = {6A 40 68 00 30 00 00 6A 14 8D 91} $b = {8D 4D B0 2B C1 83 C0 27 99 6A 4E 59 F7 F9} $c = "UVODFRYSIHLNWPEJXQZAKCBGMT" condition: $a or $b or $c }
Example from Linguist:
rule test { condition: true }
netlogo.html 路 yara.html 路 sgml.html

View source

PLDB - Build the next great programming language 路 v2022 Day 33 Docs Build Acknowledgements Traffic Today Traffic Trends Mirrors GitHub feedback@pldb.com