[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#728934: ITP: yara -- help to identify and classify malwares



Package: wnpp
Severity: wishlist
Owner: Joao Eriberto Mota Filho <eriberto@eriberto.pro.br>

* Package name    : yara
  Version         : 1.7
  Upstream Author : Victor M. Alvarez <victor.alvarez@virustotal.com>,
                    Mike Wiacek <mjwiacek@google.com>
* URL             : http://code.google.com/p/yara-project
* License         : Apache-2.0
  Programming Lang: C
  Description     : help to identify and classify malwares

 YARA is a tool aimed at helping malware researchers to identify
 and classify malware samples. With YARA you can create descriptions
 of malware families based on textual or binary patterns contained
 on samples of those families. Each description consists of a set of
 strings and a Boolean expression which determines its logic. This is
 useful in forensics analysis.
 .
 Complex and powerful rules can be created by using binary strings with
 wild-cards, case-insensitive text strings, special operators, regular
 expressions and many other features. 
 .
 Are examples of the organizations and services using YARA:
 .
  - VirusTotal Intelligence (https://www.virustotal.com/intelligence/)
  - jsunpack-n (http://jsunpack.jeek.org/)
  - We Watch Your Website (http://www.wewatchyourwebsite.com/)
  - FireEye, Inc. (http://www.fireeye.com)
  - Fidelis XPS (http://www.fidelissecurity.com/network-security-appliance/ \
    Fidelis-XPS)


Reply to: