What you'll learn:
- Find out how YARA can boot your threat hunting skills
- Learn to overcome the limitations of hash-based matching
- Learn the syntax for writing YARA rules
- Create your own basic and more advanced rules
- Discover how to write effective rules with practical examples
In this course, you'll quickly learn to use YARA for identifying potentially malicious pieces of software.
Traditional hash-based malware detections can be easily defeated and are sometimes unreliable. Malware creators use a variety of tactics to devise new malware variants that evade traditional detection. To overcome the limitations of hash-based matching, YARA gives you a full-feature pattern matching framework.
Learn how to leverage YARA's capabilities to help fill the gaps in your malware analysis process, enabling you to better detect and respond to malware incidents.
Key topics topics and basic skills that you'll develop are:
Gain an understanding of how hashing and pattern matching work
Become familiar with YARA as a pattern-matching framework
Install YARA on your system
Learn the syntax for writing YARA rules
Create your own basic and more advanced rules
Discover how to write effective rules with practical examples
Create a rule to look for Web Shells
Design and implement a rule to look for ransomware
And more!
When you're finished with the course, you'll have the basic skills and knowledge to start writing YARA rules to assist with detection and response to malware incidents.
Quickly learn the right YARA skills to give your threat hunting and malware analysis skills a huge boost in efficiency and effectiveness!
