YARA is a tool and rule language designed to help malware researchers identify and classify malware samples. Analysts can define textual or binary patterns along with boolean logic to create detection rules. YARA can scan files, processes, and memory to detect indicators of compromise and malicious behavior. It is often integrated with threat intelligence platforms, SIEMs, and sandbox systems to automate malware detection. YARA rules are widely shared in the cybersecurity community, making it a foundational tool for malware analysis and digital forensics.
Details
Deployment mode: Desktop Linux, Desktop Mac, Desktop Windows, On-premise Linux
Pricing model: Free, Open source
Training and support
Free trial available: Yes
Available trainings: No