Neo-Mvasii SivaPrem

## windows-toolkit.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                SivaPrem
                / windows-toolkit.md
            
            
              Created
              December 28, 2018 09:33
                — forked from jthuraisamy/windows-toolkit.md
            
              
                Windows Toolkit
              
          
    Windows Toolkit

Binary

Native Binaries


IDA Pro


IDA Plugins
Preferred
Neutral
Unreviewed


## yara_performance_guidelines.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                SivaPrem
                / yara_performance_guidelines.md
            
            
              Created
              November 30, 2017 12:09
                — forked from Neo23x0/yara_performance_guidelines.md
            
              
                YARA Performance Guidelines
              
          
    YARA Performance Guidelines

When creating your rules for YARA keep in mind the following guidelines in order to get the best performance from them.
This guide is based on ideas and recommendations by Victor M. Alvarez and WXS.

Revision 1.1, February 2016, applies to all YARA version 3.3+

Global Rules

Global rules are evaluated first. Only if they are satisfied non-global rules are evaluated. This may be useful if all samples exhibit the same characteristics. Use them combined with the "private" statement to suppress a match notification on the global rules.