Just a brief pointer to a useful write up of some YARA performance guides today – https://github.com/Neo23x0/YARA-Performance-Guidelines/blob/master/README.md
This write up contains a lot of good insights into performance.
Tag: 100DaysofYARA
Learning from Others – YARA Post #5
Taking a quick break from my Zip Archive adventures, one thing I’d be remiss not to mention is the community sharing that happens around YARA. As well as the specific YARA rules that people share, there are also a lot of insights into how to use YARA, how to craft or generate rules, and lots of other creative uses of the tool.
One example of this is the activity around #100DaysofYARA on Twitter last year that was kicked off by Greg Lesnewich. Looking through many of the tweets mentioning this Hashtag will certainly show some interesting possibilities in using YARA. I’d recommend following that hashtag on Twitter and Mastodon, seeing what comes up on January 1st 2023, and sharing your own experiments!