We would like the ability to utilize the Private modifier in YARA so that we can create rules that may be referenced by other rules. https://yara.readthedocs.io/en/stable/writingrules.html#referencing-rules
Use Case: We have YARA rules that tag emails that pass SPF, DKIM, and DMARC respectively. I want to create a rule that references those SPF, DKIM, and DMARC rules to help validate my new rule. Currently, I have to add the SPF, DKIM, and DMARC logic into EVERY rule that I want to use that logic in... this is just a bad coding practice... I shouldn't have to duplicate code from another rule into my new rule when YARA supports referencing that rule natively.
Kirjaudu sisään jättääksesi kommentin.