YARA is a powerful and flexible pattern matching tool. It runs from a command line on Linux and Windows, which is handy when you are working locally for reverse engineering or incident response. YARA is used by incident responders, threat hunters, and malware forensic analysts, and helps identify and classify malware samples.

​

Certified YARA Rules Professional (CYRP) training; Learn how to install and configure YARA on a Linux server. Cover the basic and advanced structures of a YARA rule, and learn about the YARA resources that are available to make your life easier. Create your first rule to analyze a suspicious file.

​

In this advanced YARA Rule Writing practical labs, participants can dig deeper into custom rules based on strings and byte sequences. Using different malicious file samples, this module will teach you how to build complex YARA rules based on the attributes of those samples. It also takes you through methods of building conditional based YARA rules while you learn how to test the rules you create.