SANS Institute - Yara

From GCA ACT
Revision as of 02:57, 24 April 2024 by Globalcyberalliance (talk | contribs) (Updated via script)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigationJump to search

Description


The Advanced Malware Protection (AMP) tool, Yara, was found at the website of the São Paulo Research Foundation (FAPESP). Yara is a tool that allows users to scan files or memory modules and identify malicious software. Yara uses a signature-based approach, where a user can create a signature for a specific piece of malware and then use that signature to identify the malware in a scan.

More Information


https://virustotal.github.io/yara/