Threat Hunting with Yara
Notes from Threat Hunting like Ninja workshop
What can we do with Yara
Who uses Yara
Recommendation when writing Yara Rules
Basics
Three parts: meta (descriptions, ...), strings (what we are looking for) and condition (under which circumstances)
Strings support
Conditions
Design Yara Rules
Naming convention
Example
More about metadata
Hashes in Yara Rules
Common Mistakes
Better Approach
Yara Sources
Testing
Automatic Yara Generator
Examples