Yara WorkBench is a free Integrated Development Environment (IDE) for working with Yara.
This tool allows you to quickly write and test new match signatures.
Features:
- syntax highlighting
- code completion for internal functions and modules
- extensible type system for custom modules
- ability to scan individual files or directories
- bench marking statistics for each file
- number of rules and signature matches per file
- shows file offset and PE virtual address for each match
- hexdump and 32/64 bit PE disassembly per match
- quickly determine match quality
- dump module information
- library manager
- test rules against multiple old yara versions
- navigator form to extract and jump to specific rules
- easily sort and move samples by rule and match status
Screen shots (Click to enlarge)
Main UI |
Matches |
Dump Module |
Rule Navigator |
Yara WorkBench is compatible with all Windows operating systems from XP SP3 - Windows 10.
Download
|
|
