manpagez: man pages & more
man yarac(1)
Home | html | info | man
yarac(1)                     compile rules to yara                    yarac(1)


       yarac - compile rules to yara


       yarac [OPTION]... [RULE_FILE]... OUTPUT_FILE


       To invoke YARA you will need two things: a file with the rules you want
       to use (either in source code or compiled form) and the  target  to  be
       scanned.  The target can be a file, a folder, or a process.

       Rule files can be passed directly in source code form, or can be previ-
       ously compiled with the yarac tool. You may prefer to use your rules in
       compiled  form  if you are going to invoke YARA multiple times with the
       same rules.  This way youall save time, because for YARA is  faster  to
       load  compiled rules than compiling the same rules over and over again.

       The rules will be applied to the target specified as the last  argument
       to  YARA,  if  itas a path to a directory all the files contained in it
       will be scanned.


       -d <identifier>=<value>
              define external variable.

       -w  --no-warnings
              Disable warnings.

              Treat warnings as errors. Has no effect if used with  --no-warn-

       -v  --version
              Show version information.


       The -d is used to define external variables. For example:

       -d flag=true

       -d beast=666

       -d name="James Bond"




       yarac  was  written  by  Victor  M. Alvarez <>.
       This manual page  was  written  by  Joao  Eriberto  Mota  Filho  <erib->  for  the Debian project (but may be used by oth-

YARAC 2.0                          Jan 2014                           yarac(1)

yara 4.0.2 - Generated Fri Aug 7 14:30:09 CDT 2020
© 2000-2021
Individual documents may contain additional copyright information.