VirusTotal / yara

The pattern matching swiss knife
https://virustotal.github.io/yara/
BSD 3-Clause "New" or "Revised" License

Feature to show which segment in condition triggered match #1861

Open dmiraj opened 1 year ago

dmiraj commented 1 year ago

Is your feature request related to a problem? Please describe.

When you have a rule whose condition is perplexed with several conditional operators, a feature to know which part of the condition triggered for a case helps greatly in analysis.

Describe the solution you'd like

A feature to show which segment is satisfied for a case.

Describe alternatives you've considered

Understanding the condition logic and using yara -s resource_name to show which strings trigger. Analysis of matched strings and condition logic to portray which segment in the condition triggers the match.
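
The manual workaround described in the comment above (reading `yara -s` output and working out which part of the condition it satisfies) can be scripted. The following is an added example, not part of the original issue and not YARA project code; the rule name, string identifiers, condition and sample output are constructed, and only conditions built from `$identifiers`, `and`, `or`, `not` and parentheses are handled.

```python
import re

# Constructed sample of `yara -s` output: a "rule target" line, then one
# "offset:$identifier: data" line per matched string occurrence.
SAMPLE_OUTPUT = """\
suspicious_loader sample.bin
0x0:$mz: MZ
0x4e0:$url: http://example.invalid/a
0x51c:$url: http://example.invalid/b
"""

# Hypothetical rule condition whose top-level `or` branches are the "segments".
CONDITION = "($mz and $url) or ($mz and $packer) or (not $mz and $script)"

TOKEN = re.compile(r"\s*(\$\w+|and\b|or\b|not\b|\(|\))")

def matched_strings(yara_s_output):
    """Return the set of string identifiers reported by `yara -s`."""
    return set(re.findall(r"^0x[0-9a-fA-F]+:(\$\w+):", yara_s_output, re.M))

def tokenize(condition):
    """Split a condition into whitelisted tokens; reject anything else."""
    tokens, pos, text = [], 0, condition.strip()
    while pos < len(text):
        m = TOKEN.match(text, pos)
        if m is None:
            raise ValueError(f"unsupported condition syntax at offset {pos}")
        tokens.append(m.group(1))
        pos = m.end()
    return tokens

def top_level_segments(tokens):
    """Split the token list on every `or` that is outside parentheses."""
    segments, current, depth = [], [], 0
    for tok in tokens:
        depth += (tok == "(") - (tok == ")")
        if tok == "or" and depth == 0:
            segments.append(current)
            current = []
        else:
            current.append(tok)
    return segments + [current]

def triggering_segments(condition, yara_s_output):
    """List the top-level segments that the matched strings satisfy."""
    matched, hits = matched_strings(yara_s_output), []
    for seg in top_level_segments(tokenize(condition)):
        # Only whitelisted tokens reach eval; each $id becomes True or False.
        expr = " ".join(str(t in matched) if t[0] == "$" else t for t in seg)
        if eval(expr, {"__builtins__": {}}):
            hits.append(" ".join(seg))
    return hits
```

Because YARA and Python give `not`, `and` and `or` the same relative precedence, each segment evaluates the way the rule engine would for this restricted syntax.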