Does not require yara to be deployed (embeds all needed native dependencies). Supports two modes of operation: External: yara binary extracted and executed as a child process, Embedded: yara jnilib runs embedded in the java process. Rules can be loaded as strings, files or archives; for archives will recursively look for and load all yara rule files. Matches are returned with identifier, metadata, and tags. Negate, timeout, and limit supported. Support yara 4.0.2 -- 2021/1/17. How to build: Get and build yara source code. Example (building from 4.0.2 version): git clone https://github.com/virustotal/yara.git cd yara git checkout tags/v4.0.2 ./bootstrap.sh ./configure --enable-shared --without-crypto CFLAGS=-fPIC make Get and build yara-java. Example (in 'yara' folder): git clone https://github.com/p8a/yara-java.git cd yara-java mvn clean install Usage and examples: See the unit tests. Notes: After you successfully added some sources you can get the compiled rules using the yr_compiler_get_rules() function. You'll get a pointer to a YR_RULES structure which can be used to scan your data as described in Scanning data. Once yr_compiler_get_rules() is invoked you can not add more sources to
FEATURES
ALTERNATIVES
QIRA is a competitor to strace and gdb with MIT license, supporting Ubuntu and Docker for wider compatibility.
Statistical renaming, Type inference, and Deobfuscation tool for JavaScript code.
SafeLine WAF is an open-source web application firewall that protects web services by filtering malicious HTTP traffic through intelligent semantic analysis and machine learning-based detection.
A software supply chain security platform that analyzes binaries and software components to detect malware, vulnerabilities, exposed secrets, and tampering throughout the development lifecycle.
Octoscan is a static analysis tool that scans GitHub Actions workflows for security vulnerabilities and misconfigurations.
StaCoAn is a cross-platform tool for static code analysis on mobile applications, emphasizing the identification of security vulnerabilities.
An automated API security testing platform that provides continuous vulnerability assessment, validation, and educational resources for API endpoint security.
PINNED

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.

CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.