Open-Source YARA Rules

ReversingLabs has developed a set of Open-Source YARA rules built with the purpose of delivering zero false positives. Achieving the highest level of quality requires a rigorous quality assurance test. Each rule must be run against ReversingLabs industry leading cloud repository of 25B unique binaries. Only the rules that meet the strictest of criteria are considered for GitHub.

YARA Rules
YARA Rules

100’s of Open-Source YARA Rules Now Available

ReversingLabs has developed, tested and published over 100 Open-Source YARA rules on GitHub.

The rules cover a broad range of categories, detecting a multitude of malware downloaders, viruses, trojans, exploits and ransomware.

Yara2

How to Use Open-Source YARA Rules Today

YARA detection rules are developed for threat hunters, threat researchers, incident responders and security analysts with the mission to reduce malware infection risk across the organization.

Each unique rule can inspect file content on endpoints, during transfer, execution or at rest. While there’s no limit to usage, the best results are seen with fully inspected multi-layered content.

Apply these YARA rules within static analysis solutions that perform decomposition, dynamic sandbox solutions that perform in memory YARA matching, network IPS controls or even SIEMs.

Access Quality Open-Source YARA Rules on GitHub

Access Quality Open-Source YARA Rules on GitHub

On June 30th 2020 ReversingLabs published over 100 open-source YARA rules within the ReversingLabs GitHub repository.

ReversingLabs plans to use the GitHub repository as the primary delivery method for threat defenders to access updated and quality open-source YARA rules that detect the latest threats.

Product Insights

Video

How to Hunt for Threats Using YARA Rules

How to Hunt for Threats Using YARA Rules

Finding similar or relevant samples using YARA is part of every hunter's day, and is similar to finding a needle in a haystack.

Watch Video

Blog

Exposing Ryuk Variants Using YARA

Exposing Ryuk Variants Using YARA

Getting Ahead of Ryuk attacks using YARA Rules

Read Blog

Webinar

How to Analyze the Kwampirs RAT

How to Analyze the Kwampirs RAT

We'll show you easy ways to search for file-based threats, exposing our human readable indicators and explainable threat intelligence, and demonstrating how to take action by hunting for variants of the Kwampirs RAT using YARA.

Watch Webinar