Intro
Splunk
ELK
- Kibana
Forensics
Hunting
Standard Operating Procedures
Best Practices
- Good/Best Practices in Security
Penetration Testing
Cloud
- Cloud Providers
- Azure
Azure
- AZ-500
- AZ-900
Threat Intelligence
Learning
- Useful Pages

Powered by GitBook

On this page

What can we do with Yara
Who uses Yara
Recommendation when writing Yara Rules
Basics
Strings support
Conditions
Desing Yara Rules
Naming convention
More about metadata
Hashes in Yara Rules
Common Mistakes
Better Approach
Yara Sources
Testing
Automatic Yara Generator
Examples

Was this helpful?

Threat Hunting with Yara

Notes from Threat Hunting like Ninja workshop

PreviousLabs NextThreat Hunting with VirusTotal

Last updated 4 years ago

What can we do with Yara

Who uses Yara

Recommendation when writing Yara Rules

Basics

Three parts: meta (descriptions,..), strings (what are we looking for) and condition (under which circumstances)

Strings support

Conditions

Desing Yara Rules

Naming convention

Example

More about metadata

Hashes in Yara Rules

Common Mistakes

Better Approach

Yara Sources

Testing

Automatic Yara Generator

Examples