Applied YARA training Q&A
Introduction On August 31, 2021 we ran a joint webinar between VirusTotal and Kaspersky, with a focus on YARA rules best practices and real world examples. If you didn’t have the chance to watch...
Tagged: YARA
Halogen – Automatically Create YARA Rules From Malicious Documents
Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document. Halogen help python3 halogen.py -husage: halogen.py [-h] [-f FILE] [-d DIR] [-n NAME] [–png-idat] [–jpg-sos]Halogen:...
kraken – Cross-platform Yara scanner written in Go Resources
Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, research and ad-hoc detections (not for endpoint protection). Following are...
Kraken – Cross-platform Yara Scanner Written In Go
Kraken is a basic cross-system Yara scanner that can be created for Windows, Mac, FreeBSD and Linux. It is primarily intended for incident response, analysis and advertisement-hoc detections (not for endpoint defense). Following are...
Why master YARA: from routine to extreme threat hunting cases. Follow-up
On 3rd of September, we were hosting our “Experts Talk. Why master YARA: from routine to extreme threat hunting cases“, in which several experts from our Global Research and Analysis Team and invited speakers...
