100 Days of YARA: Everything You Need to Know
YARA is a popular and powerful tool for identifying and classifying malware. It has been in use for many years and is widely referenced by cybersecurity professionals to detect threats. In 2022, Greg Lesnewich started #100DaysofYARA, as an initiative, similar to #100DaysOfCode, to engage with YARA for the first 100 days of the year. The challenge involves contributing to the community by writing and sharing one new YARA rule each day for 100 days, either working on YARA source code and other tooling or generally helping educate folks.
The goal of the challenge is to improve participants’ YARA skills and contribute to the community’s knowledge base. By sharing rules, participants can help others identify new threats and improve their own detection capabilities. Additionally, the challenge encourages collaboration and the sharing of knowledge and ideas.
The 100 Days of YARA challenge has seen many participants from around the world, including cybersecurity professionals, students, and hobbyists. Some notable participants in the challenge include:
- Greg Lesnewich – Inspired by Google’s 100 days of code, #100DaysofYARA challenge is the brain child of Greg who launched and completed his 100 days in 2022.
- Wesley Shields – Wesley is the creator and owner of the 100DaysofYARA GitHub account, providing a great place for YARA resources created and shared during the challenge. You can check out the newest repository from this year here: https://github.com/100DaysofYARA/2023
- Steve “YARA” Miller – Works on the threat intelligence team at Microsoft and is an avid contributor to the YARA community. He has presented multiple endeavors to help the YARA community improve their understanding of the tool, including scripts to better understand YARA string mutations, and other concepts.
- Florian Roth – Florian is the founder of Nextron Systems, a cybersecurity company that specializes in incident response and threat intelligence. He is also a YARA expert and has written several books on the topic. Florian has been a key participant in the 100 Days of YARA challenge, sharing his expertise and knowledge with the community.
- John Hammond – John is a cybersecurity researcher and content creator who is known for his YouTube channel, which features videos on cybersecurity topics. He is also a key participant in the 100 Days of YARA challenge, sharing his YARA rules and knowledge with the community.
- Vitali Kremez – In memoriam, Vitali was a cybersecurity researcher and intelligence analyst who specialized in malware analysis and threat intelligence. He was also a YARA expert and authored several articles and books on the topic. Vitali had been a key participant in the 100 Days of YARA challenge, generously sharing his expertise and knowledge with the community before his untimely passing.
- Pedro Matias – Pedro is a cybersecurity professional and YARA expert who has worked for several companies and organizations, including the European Union Agency for Cybersecurity. He has also written several books and articles on YARA and is a key participant in the 100 Days of YARA challenge.
- Liam O’Murchu – Liam is the Director of Development for Security Technology and Response at Symantec, a cybersecurity company. He is also a YARA expert and has written several articles and books on the topic. Liam has been a key participant in the 100 Days of YARA challenge, sharing his expertise and knowledge with the community.
These are just a few of the many participants in the 100 Days of YARA challenge. The challenge has seen participation from people of all skill levels and backgrounds, making it a truly inclusive and collaborative effort. By working together and sharing their knowledge and expertise, participants in the challenge help make the cybersecurity community stronger and more effective in the fight against malware and other threats.
If you’re interested in participating in the 100 Days of YARA challenge, there are a few things you can do to get started. First, familiarize yourself with YARA and its capabilities. There are many resources available online, including books, articles, and tutorials. Once you feel comfortable with YARA, start writing your own rules and share them with the community. Don’t be afraid to ask for feedback or collaborate with others – the YARA community is very supportive and is always willing to help. And most importantly, have fun and enjoy the challenge!
If you’re looking to build your own rules, or gain a better understanding of the capabilities of YARA, InQuest has created many resources to help you get started and explore the world of building YARA rules. If you’re interested in learning more about YARA, we currently have multiple open-source repositories and resources containing custom rules.
- https://github.com/InQuest/awesome-yara
- https://github.com/InQuest/yara-rules
- https://github.com/InQuest/yara-rules-vt
- https://twitter.com/i/lists/1648861278901764096 (All #100DaysOfYARA participants)
100 Days of YARA Participants | 2023
A ? indicates completion of the challenge… if your name or trophy is missing from this list, please let us know by emailing [email protected].
100 Days of YARA Participants | 2022
Free Email Hygiene Analysis
Solid email security begins with proper email hygiene. There are a variety of email hygiene technologies and wrapping one’s head around them all is challenging. Try our complimentary Email Hygiene Analysis and receive an instant report about your company’s security posture including a simple rating with iterative guidance, as well as a comparison against the Fortune 500. Try it today!