The material presented here teaches how to use YARA and covers the topics listed below.
Table of contents:
- Popular YARA rules repositories
- YLS - A development environment for YARA
- YARA CLI scanner basics
- A journey through the sections and modules
- A set of YARA rule examples
- VirusTotal hunting with the YARA vt module
- Tips & tricks when developing YARA rules
- YARA performance issues + optimization tips
- API usage in Python + C
- 5 YARA challenges and solutions
For each example and challenge, the malware samples used are listed in a file called hashes.txt. Most of them can be found on malware repositories such as VirusTotal.