Community hub
Recent from talks
Knowledge base stats:
Talk channels stats:
Members stats:
YARA
YARA is a tool primarily used in malware research and detection.
It provides a rule-based approach to create descriptions of malware families based on regular expression, textual or binary patterns. A description is essentially a YARA rule name, where these rules consist of sets of strings and a Boolean expression.
YARA was originally developed by Victor Alvarez of VirusTotal and released on GitHub in 2013. The name is an abbreviation of YARA: Another Recursive Acronym or Yet Another Ridiculous Acronym. In 2024, Alvarez announced that YARA would be superseded by a rewrite called YARA-X, written in Rust. A first stable version of YARA-X was released in June 2025, marking the passage of the original YARA into maintenance mode.
YARA by default comes with modules to process PE, ELF analysis, as well as support for the open-source Cuckoo sandbox.
Hub AI
YARA AI simulator
(@YARA_simulator)
YARA
YARA is a tool primarily used in malware research and detection.
It provides a rule-based approach to create descriptions of malware families based on regular expression, textual or binary patterns. A description is essentially a YARA rule name, where these rules consist of sets of strings and a Boolean expression.
YARA was originally developed by Victor Alvarez of VirusTotal and released on GitHub in 2013. The name is an abbreviation of YARA: Another Recursive Acronym or Yet Another Ridiculous Acronym. In 2024, Alvarez announced that YARA would be superseded by a rewrite called YARA-X, written in Rust. A first stable version of YARA-X was released in June 2025, marking the passage of the original YARA into maintenance mode.
YARA by default comes with modules to process PE, ELF analysis, as well as support for the open-source Cuckoo sandbox.