YARA is a tool that helps malware researchers identify and classify malware samples. Researchers describe malware families with rules built from strings and boolean expressions that match textual or binary patterns. Rules can be made more complex with wildcards, case-insensitive strings, regular expressions, and special operators.
SIMILAR TOOLS
A collaborative malware analysis framework with various features for automated analysis tasks.
A tool that extracts and deobfuscates strings from malware binaries using advanced static analysis techniques.
Code to prevent a managed .NET debugger/profiler from working.
CAPA is a static analysis tool that detects and reports capabilities in executable files across multiple formats, mapping findings to MITRE ATT&CK tactics and techniques.
A sandbox for quickly sandboxing known or unknown families of Android malware.
A binary analysis and management framework for organizing and analyzing malware and exploit samples, and creating plugins.
A program to manage YARA rulesets in a database, with support for different databases and configuration options.
An open source .NET deobfuscator and unpacker that restores packed and obfuscated assemblies by reversing various obfuscation techniques.