SANS Institute - Yara: Difference between revisions

From GCA ACT
Jump to navigationJump to search
(Updated description via script)
Tag: Reverted
(Updated via script)
Tag: Manual revert
Line 1: Line 1:
=Description=<br>
=Description=
The Advanced Malware Protection (AMP) tool, Yara, was found at the website of the São Paulo Research Foundation (FAPESP). Yara is a tool that allows users to scan files or memory modules and identify malicious software. Yara uses a signature-based approach, where a user can create a signature for a specific piece of malware and then use that signature to identify the malware in a scan.=More Information=
<br>
The Advanced Malware Protection (AMP) tool, Yara, was found at the website of the São Paulo Research Foundation (FAPESP). Yara is a tool that allows users to scan files or memory modules and identify malicious software. Yara uses a signature-based approach, where a user can create a signature for a specific piece of malware and then use that signature to identify the malware in a scan. Yara is unique in that it supports both static and dynamic analysis
<br>
=More Information=
<br>
<br>
https://virustotal.github.io/yara/
https://virustotal.github.io/yara/
[[Category:Anti-virus & Anti-malware Software]]
[[Category:Anti-virus & Anti-malware Software]]

Revision as of 05:06, 23 April 2024

Description


The Advanced Malware Protection (AMP) tool, Yara, was found at the website of the São Paulo Research Foundation (FAPESP). Yara is a tool that allows users to scan files or memory modules and identify malicious software. Yara uses a signature-based approach, where a user can create a signature for a specific piece of malware and then use that signature to identify the malware in a scan. Yara is unique in that it supports both static and dynamic analysis

More Information


https://virustotal.github.io/yara/