A simple service to test your Yara rules against a large set of malicious and identified files
Have you ever wanted to quickly test a Yara rule you created, but lacked a large enough data set to test it against? This is exactly what Yara Scan is designed for. You submit your Yara rule to the service and a short while later you receive an email with the results of the Yara scan over our large collection of malicious samples. And the best part? Most files are identified by a signature, making it easier to tell whether your rule matches the right malware samples.
You can also submit your Yara rule via the API endpoint to start a Yara scan. Simply use the examples below to submit your rules.
Please reach out to obtain your personal API key.
curl -X POST --header "APIKEY: YOURKEY" -F file[]=@"myrule.yar" "https://riskmitigation.ch/yara-scan/api/"
You can submit several Yara rules with one request by using the file[] array.
You can use the script below as follows:
$ ./yara_scan_upload.py -h
usage: yara_scan_upload.py [-h] -f FILE [FILE ...] [-a apikey]

Upload a Yara rule to be scanned on Yara Scan Service

optional arguments:
  -h, --help            show this help message and exit
  -f FILE [FILE ...], --file FILE [FILE ...]
                        Yara rules(s) to upload (required)
  -a apikey, --apikey apikey
                        Your personal API key
Source code of yara_scan_upload.py: yara-scan-service GitHub repository
Please make sure to check the response status (response code) or the JSON response to verify that your request was successful.
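A minimal client for the API described above, as an added example (it is not the service's yara_scan_upload.py): it sends several rules in one file[] array with the APIKEY header and checks the response code and JSON. The function names are hypothetical, and the JSON fields are left uninterpreted because this page does not document them.

```python
import json
import urllib.error
import urllib.request
import uuid
from pathlib import Path

API_URL = "https://riskmitigation.ch/yara-scan/api/"  # endpoint from the curl example


def build_request(rules, api_key, boundary=None):
    """Build (but do not send) a multipart POST; rules is a list of (filename, bytes)."""
    boundary = boundary or uuid.uuid4().hex
    parts = []
    for name, content in rules:
        safe = Path(name).name.replace('"', "")  # keep paths and quotes out of the header
        head = (
            f"--{boundary}\r\n"
            f'Content-Disposition: form-data; name="file[]"; filename="{safe}"\r\n'
            "Content-Type: application/octet-stream\r\n\r\n"
        )
        parts.append(head.encode() + content + b"\r\n")
    body = b"".join(parts) + f"--{boundary}--\r\n".encode()
    headers = {
        "APIKEY": api_key,  # header names are case-insensitive on the wire
        "Content-Type": f"multipart/form-data; boundary={boundary}",
    }
    return urllib.request.Request(API_URL, data=body, headers=headers, method="POST")


def check_response(status, raw_body):
    """Return (ok, parsed_json_or_None). ok is False for a non-2xx status or
    a body that is not valid JSON; the JSON fields are not interpreted here
    (assumption: their names are not documented on the page)."""
    try:
        parsed = json.loads(raw_body)
    except (ValueError, TypeError):
        return False, None
    return 200 <= status < 300, parsed


def submit(rules, api_key, timeout=30):
    """Send the rules; urllib raises HTTPError on 4xx/5xx, so handle both paths."""
    try:
        with urllib.request.urlopen(build_request(rules, api_key), timeout=timeout) as resp:
            return check_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return check_response(err.code, err.read())
```
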
Send us your question with the form below.
By using the Yara Scan Service, you accept the following terms of service: