Did it happen to you that you wanted to quickly test a Yara rule your created, but you are missing a large enough data set to test your rule against? This is exactly where Yara Scan is designed for. You submit your Yara rule to the service and a short while later you will receive an email with the results of Yara scan over our large collection of malicious samples. And the best part? Most files are identified by a signature, making it easier to identify if your rule matches for the right malware samples.
You can also submit your Yara rule via the API endpoint to start a Yara scan. Simple use the examples below to submit your rules.
Please reach out to obtain your personal API key.
curl -X POST --header "APIKEY: YOURKEY" -F file=@"myrule.yar" "https://riskmitigation.ch/yara-scan/api/"
You can submit several Yara rules with one request by using the
You can use the below script as following
$ ./yara_scan_upload.py -h usage: yara_scan_upload.py [-h] -f FILE [FILE ...] [-a apikey] Upload a Yara rule to be scanned on Yara Scan Service optional arguments: -h, --help show this help message and exit -f FILE [FILE ...], --file FILE [FILE ...] Yara rules(s) to upload (required) -a apikey, --apikey apikey Your personal API key
Source code of
yara_scan_upload.py: yara-scan-service GitHub repository
Please make sure to check the response status (response code) or in the JSON to verify if your request was successful.
Send us your question with the form below.
By using the Yara Scan Service, you accept the following terms of service: