YARA support

April 30, 2014

We now have (experimental) YARA support inside radare2.

If you are building from the latest git, you just have to install libyara, no need to recompile anything.

[0x00000000]> yara
Yara plugin
| add [path] : add yara rules
| clear      : clear all rules
| help       : show this help
| list       : list all rules
| scan       : scan the current file

Since you may not already have some rules, we bundled some defaults ones, for packers and crypto primitives.