YARA

Pattern-matching language for malware classification. Rules combine string and byte-pattern conditions with metadata. Used by VirusTotal, every major sandbox, and most threat-intel platforms. Rule sets like YARA-Forge, Florian Roth's signature-base and the YARA hub at YARA-Rules are common starting points.
