"Those who are willing to pay a penny of security for a penny of usability will eventually have neither"

10 February 2017


If you happen to be starting to learn the techniques and procedures of malware analysis (just like me), you may find the following resources useful:

The basic stuff:

The Yara documentation:

A gentle introduction to the subject:

Let's see how to do it (video):

You'll also need:

List of signatures:

A hex editor of your choice:

Some performance guidelines:

Which platform?:

You can install it on Windows, as explained in the documentation above.

But you may also choose a Linux distro specifically designed for malware analysis, like REMnux, which includes Yara (and many other tools) by default:

REMnux can also share space with SIFT Workstation:

You can always use Yara online:

{Enjoy it!}