Zum Hauptinhalt springen
Dieser Inhalt ist noch nicht in Ihrer Sprache verfügbar und wird auf Englisch angezeigt.

Yara Rule Authoring

Skill Verifiziert Aktiv
Teil von:Yara Authoring

Guides authoring of high-quality YARA-X detection rules for malware identification. Use when writing, reviewing, or optimizing YARA rules. Covers naming conventions, string selection, performance optimization, migration from legacy YARA, and false positive reduction. Triggers on: YARA, YARA-X, malware detection, threat hunting, IOC, signature, crx module, dex module.

Zweck

To empower users to author effective and performant YARA-X detection rules for malware identification by providing best practices, decision trees, and tool recommendations.

Funktionen

  • Guides YARA-X rule authoring
  • Covers string selection and performance optimization
  • Details platform-specific detection strategies
  • Provides guidance on testing and validation
  • Includes linting and analysis scripts

Anwendungsfälle

  • Writing new YARA-X rules for malware
  • Reviewing and optimizing existing YARA rules
  • Migrating legacy YARA rules to YARA-X
  • Developing detection signatures for threat intelligence

Nicht-Ziele

  • Performing dynamic malware analysis
  • Conducting network-based detection
  • Static analysis requiring disassembly
  • Simple hash-based detection

Installation

Zuerst Marketplace hinzufügen

/plugin marketplace add trailofbits/skills
/plugin install yara-authoring@trailofbits

Qualitätspunktzahl

Verifiziert
98 /100
Analysiert about 20 hours ago

Vertrauenssignale

Letzter Commit3 days ago
GitHub-Inhaber trailofbits (opens in new tab)
Sterne5.2k
LizenzCC-BY-SA-4.0
Status
Quellcode ansehen

Ähnliche Erweiterungen

Secrets Management

100

Implement secure secrets management for CI/CD pipelines using Vault, AWS Secrets Manager, or native platform solutions. Use when handling sensitive credentials, rotating secrets, or securing CI/CD environments.

Skill
wshobson

Semgrep Rule Creator

100

Creates custom Semgrep rules for detecting security vulnerabilities, bug patterns, and code patterns. Use when writing Semgrep rules or building custom static analysis detections.

Skill
trailofbits

Safe Mode

100

Prevent destructive operations using Claude Code hooks. Three modes — cautious (warn on dangerous commands), lockdown (restrict edits to one directory), and clear (remove restrictions). Uses PreToolUse matchers for Bash, Edit, and Write.

Skill
rohitg00

Prompt Guard

100

Meta's 86M prompt injection and jailbreak detector. Filters malicious prompts and third-party data for LLM apps. 99%+ TPR, <1% FPR. Fast (<2ms GPU). Multilingual (8 languages). Deploy with HuggingFace or batch processing for RAG security.

Skill
Orchestra-Research

Soul Guardian

100

Drift detection + baseline integrity guard for agent workspace files with automatic alerting support

Skill
prompt-security

Audit Dependency Versions

100

Audit project dependencies for version staleness, security vulnerabilities, and compatibility issues. Covers lock file analysis, upgrade path planning, and breaking change assessment. Use before a release to ensure dependencies are current and secure, during periodic maintenance reviews, after receiving a security advisory, when upgrading to a new language version, before submitting to CRAN or npm, or when inheriting a project to assess its dependency health.

Skill
pjt222