YARA-X is not just a rewrite of YARA in Rust, it comes with new features too.

One of these features is the dump command: yr.exe dump …

YARA-X can parse several file formats natively, to support file-format specific YARA rules. These parsers can also be invoked explicitly (without YARA rules for testing). The default output is YAML:

And JSON output is supported too:

Didier Stevens
Senior handler
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.