-
using `ReadFrom` is much slower than a similar function in [go-yara](https://pkg.go.dev/github.com/hillu/go-yara/v4#ReadRules) on large rule files:
### YARA-X ReadFrom
| Command | …
-
hi,
did a test drive with your yara rules and while they find malware and nasty things, they just produce too many false positives to be usable. The ReactOS live CD has 144 hits, the /usr/sbin of …
-
- `prospect-seidel`: Slack thread: https://fleetdm.slack.com/archives/C07G5MNU267/p1730156454108159
- @noahtalerman: _User requested this because_ there was a security incident involving a specific h…
-
https://cyb3rops.medium.com/introducing-yara-forge-a77cbb77dcab. We could re-evaluate how we manage the rules.
They update the list once a week. This would remove the efforts of maintaining a li…
-
I am trying to run plaso across a large Windows image (740GB of E01s) but it fails to complete with worker threads shown as killed or idle for an extended period:
```
plaso - log2timeline versio…
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.8.0 | active response | agent | Packages/Sources | windows 7 x64 vm|
Followed the documentation: https://d…
-
I use cmake to build this project, there are some symbols in yara that are not linked. I try to add
target_link_libraries(${PROJECT_NAME} yara)
to gui_source/CMakeLists.txt, and then build successf…
-
| User story |
|:---------------------------------------------------------------------------|
| As a detection & response engineer,
| I want to deploy YARA rules to agents remotely and privately fro…
-
Hello,
Following a [discussion](https://digipres.club/@r2gf/112477762885908853) on Mastodon, @ross-spencer suggested that we open an issue here to have a discussion with you @richardlehane about …
-
Hi,
Maybe I posted my request in the wrong place. Please excuse me.
I use Yara and it's a nice product.
I begin to use Yara-X but an important feature for me is (seems to be) not present. It's s…