YARA Package Description
With YARA you can create descriptions of malware families based on textual or binary patterns contained on samples of those families. Each description consists of a set of strings and a boolean expression which determines its logic. This package contains the command-line interface.
- Author: Victor M. Alvarez
- License: Apache-2.0
Tools included in the yara package
yara – Tool to identify and classify malware samples
usage: yara [OPTION]... [RULEFILE]... FILE | PID
-t <tag> print rules tagged as <tag> and ignore the rest. Can be used more than once.
-i <identifier> print rules named <identifier> and ignore the rest. Can be used more than once.
-n print only not satisfied rules (negate).
-g print tags.
-m print metadata.
-s print matching strings.
-l <number> abort scanning after a <number> of rules matched.
-d <identifier>=<value> define external variable.
-r recursively search directories.
-f fast matching mode.
-v show version information.
Report bugs to: <firstname.lastname@example.org>