Write, compile and test signatures for the Yara tool and determine whether they are compiled correctly to identify malware using this straightforward app.
- YaraEditor
- Version:2.3.0
- License :Freeware
- OS:Windows All
- Publisher:Adlice Software
YaraEditor Description
In the eventuality that you want to write codes to help malware researchers identify and classify viruses, then you probably know that few tools are as efficient as Yara. While an overall good utility for creating descriptions and binary patterns, the engine lacks one important component, the code editor.
As the name implies, YaraEditor is an application that enables you to test out the sample signatures you are working on for the Yara engine.
Comes with a fresh and appealing GUI
Unlike the engine itself, the application comes with a modern, sleek and well-organized interface that consists of the main window split into two tabs, namely the Build and respectively the Test tab. You will be happy to learn that the application includes syntax highlight and supports drag and drop, features that can simplify your work a great deal.
While you can test or edit code signatures you have been working on, you should know that the app also enables you to start from scratch. Unfortunately, the app acts as an editor alone and does not provide you with extra information about how to write codes for the Yara engine. On a side note, you can find ample documentation about this topic from the developer’s website.
Allows you to write and test the signatures
The idea behind the program is to enable you to write scripts based on certain rules to identify various types of malware. You should know that there is no limit to the number of rules you can add to your code and more importantly, you can compile them all and check them for errors in just a few clicks.
Among the tests that you can carry out using this utility, you can count testing your rules against Unicode and ANSI strings or by scanning various processes memory that might be directly affected. In addition, the application enables you to check your rules by scanning files that contain the malware you are trying to identify.
In case you encounter errors, you should keep in mind that you can review the rules and make the adequate corrections.
A handy tool for anyone working with the Yara engine
All in all, if you are interested in writing codes for detecting and classifying malware, then YaraEditor can provide you with a friendly environment to compile and test them.