Yara Rules Repository

YaraRules Project

The Yara-Rules project is proud to announce YaGo. YaGo is a tool that converts Yara rules into JSON files; that’s it, simple. Yara has a great community that uses it with a lot of rules, but sometimes it is hard to manage all of them and difficult to get a bird’s eye view of your rule set, so we thought converting the rules to JSON format would help. YaGo can be used as a standalone application or you can embed it in your own application.

Website Redesign

Hello Yara lovers! We have been very busy lately working on ways to improve the YaraRules project and the online YaraRules Analyzer. The first of the changes and improvements is the redesigned website that you are seeing right now. We have moved from WordPress to Hugo in an effort to simplify the website and its management. But that is not the only thing we are working on. We are also working on the YaraRules Analyzer and the YaraRules ruleset, and have planned some improvements that you will enjoy for sure.

YaraRules Analyzer

At the YaraRules Project we want to offer the community a new online service: “YaraRules Analyzer”. It allows you to analyze your files in the cloud using the full YaraRules ruleset, so you do not need to install Yara on your local computer, and your files are always analyzed against the latest YaraRules ruleset. This service is still in an alpha stage and is available at https://analysis.yararules.com/. Once you have uploaded the file to analyze, you can choose to use either the full ruleset or the rules from particular categories.

If you’re interested in sharing your Yara rules with us and the security community, you can join our mailing list, send a message to our Twitter account @YaraRules, or submit a pull request on our GitHub repository. We have divided our ruleset into five categories, each one of them represented by a file: AntiDebug, Crypto, Malicious Document, Packer and Malware. The Malware category is further split on a per-malware-family basis.

This project arises out of the need to have a repository that compiles different Yara signatures, classified and as up to date as possible. Yara is an increasingly used tool, but knowledge about it is dispersed, so one of the main objectives of the Yara Rules project is to offer a Yara ruleset that is as complete as possible, providing a quick way to get and update existing rules. We hope it is useful for the security community and look forward to your feedback.