YARA is the name of a tool primarily used in malware research and detection.
It provides a rule-based approach to create descriptions of malware families based on textual or binary patterns. A description is essentially a YARA rule name, where these rules consist of sets of strings and a boolean expression. The language used has traits of Perl compatible regular expressions.
- "Signature-Based Detection With YARA". Retrieved 28 Nov 2016.
- "Remove Duplicate Yara Rules with PowerShell Regular Expressions". Retrieved 28 Nov 2016.
- Victor M. Alvarez [@plusvic] (22 September 2016). "@milliped @yararules YARA is an ancronym for: YARA: Another Recursive Ancronym, or Yet Another Ridiculous Acronym. Pick your choice" (Tweet) – via Twitter.