Tool and Usage
The yarGen utility helps with creating YARA rules for malware detection. It can combine both 'goodware' and 'malware', to properly craft the right rules.
How it works
yarGen includes a set of 'goodware' strings and opcode database. This is input during the creation of YARA rules, to prevent positive negatives.
Usage and audience
yarGen is commonly used for malware analysis or malware scan. Target users for this tool are security professionals.
Author and Maintainers
YarGen is under development by Florian Roth.
Support operating systems
YarGen is known to work on Linux.