How to install YARA and write basic YARA rules to identify malware

A screenshot of a YARA rule with syntax highlighting

YARA is described as “The pattern matching Swiss knife for malware researchers (and everyone else)”. Think of it as like grep, but instead of matching based on one pattern, YARA matches based on a set of rules, with each rule capable of ┬ácontaining multiple patterns, and complex condition logic for further refining matches. It’s a very useful tool. Let’s go over some practical examples of how to use it.

Read more

How to run graphical Linux applications on Windows 10 using the Windows Subsystem for Linux (WSL)

A screenshot of xeyes running on Bash on Ubuntu on Windows 10

The Windows Subsystem for Linux (WSL) was introduced by Microsoft in the Windows 10 Anniversary Update. It allows users to run a full Linux user space in Windows. It is a much nicer approach for most applications than Cygwin, or using a Linux VM. It is not an emulator either. Think of it as GNU/Linux/Windows (apologies to Richard Stallman). This guide starts off with Microsoft’s instructions for installing the WSL, and then goes a few steps further by describing how to run graphical Linux applications.

Read more