[HN Gopher] YARA - The pattern matching swiss knife
       ___________________________________________________________________
        
       YARA - The pattern matching swiss knife
        
       Author : peter_d_sherman
       Score  : 46 points
       Date   : 2020-12-06 17:22 UTC (5 hours ago)
        
 (HTM) web link (github.com)
 (TXT) w3m dump (github.com)
        
       | elitepleb wrote:
       | YARA has been a pleasure to work with ever since I switched from
       | IDA with sigmaker to Ghidra with YaraGhidraGUI.
       | 
       | Really made me think of how to actually make patterns match asm
       | by hand when needed.
        
       | LiamPa wrote:
       | I use YARA for real-time screening in Django REST and it's super
       | fast and easy. Airbnb open-sourced BinaryAlert, which is a cool
       | serverless implementation.
       | 
       | https://github.com/airbnb/binaryalert
        
       | h2odragon wrote:
       | The part of the docs I want to skim to see what it does is nicely
       | on one page:
       | https://yara.readthedocs.io/en/stable/writingrules.html
        
       | saagarjha wrote:
       | Yara happens to power XProtect, macOS's malware detection tool.
       | It's production-ready ;)
        
       | amelius wrote:
       | Perhaps it's just me but I would expect a "pattern matching swiss
       | knife" to at least have some machine-learning capabilities.
        
       ___________________________________________________________________
       (page generated 2020-12-06 23:00 UTC)