Yara WorkBench is a free IDE for working with Yara.
This tool allows you to quickly write and test new match signatures.
Features:
- Yara Engine: 4.3.1
- syntax highlighting
- object browser with doc strings for YARA modules
- code completion for internal functions and modules
- extensible type system for custom modules
- ability to scan individual files or directories
- bench marking statistics for each file
- number of rules and signature matches per file
- shows file offset and PE virtual address for each match
- hexdump and 32/64 bit PE disassembly per match
- quickly determine match quality
- dump module information
- library manager
- test rules against multiple old yara versions
- navigator form to extract and jump to specific rules
- easily sort and move samples by rule and match status
- Javascript automation to post process match results.
Screen shots (Click to enlarge)
Main UI |
Matches |
Dump Module |
Rule Navigator |
Object Browser |
Automation Objects |
Yara WorkBench is compatible with Vista+ systems.
Download
|
|
