efforg/yaya — explained in plain English
Analysis updated 2026-07-16 · repo last pushed 2023-12-27
Scan a directory of uploaded files for known malware signatures.
Run a malware check across a server directory using community threat rules.
Quickly test a suspicious file against a broad set of expert detection rules.
Export all curated detection rules into a single file for use in other tools.
| efforg/yaya | tj/go-naturaldate | caddyserver/nginx-adapter | |
|---|---|---|---|
| Stars | 303 | 315 | 354 |
| Language | Go | Go | Go |
| Last pushed | 2023-12-27 | 2024-05-17 | 2026-02-15 |
| Maintenance | Dormant | Dormant | Maintained |
| Setup difficulty | hard | easy | easy |
| Complexity | 4/5 | 2/5 | 2/5 |
| Audience | ops devops | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
Requires building C libraries from source and some technical configuration to get the scanning environment running.
YAYA is a tool that helps you detect malware and suspicious files. It gathers detection rules from trusted open-source security communities, keeps them updated automatically, and lets you scan your files to see if anything matches known threats. Think of it as a community-maintained antivirus engine you control yourself. YARA, the underlying technology, is a pattern-matching system widely used by security researchers to identify and classify malware. Instead of hand-picking individual rule sets and managing them on your own, this tool pulls from multiple sources at once. You run a simple update command to fetch the latest rules, can add your own custom rules if you have them, and then point the scanner at a directory to check everything inside. It also lets you ban or remove rule sets you don't want and export all rules into a single file for use elsewhere. This is built for security analysts, system administrators, or anyone managing infrastructure who wants an easy way to leverage community-threat intelligence without manually hunting down and integrating separate rule collections. A small security team could use it to scan uploaded files, a system administrator could run it across a server directory to check for known malware signatures, or a researcher could use it to quickly test a suspicious file against a broad set of rules from different experts. The project is written in Go and can run inside a container, which is useful if you want to isolate the scanning environment. Installation requires some technical setup, including building C libraries from source. The README doesn't go into detail about which specific rule sets are included or how the curation works beyond the update mechanism, so you'd need to explore the code or try it out to see the full list of sources.
YAYA is a self-hosted malware detection tool that automatically fetches and updates threat-detection rules from open-source security communities, letting you scan files against known threats.
Mainly Go. The stack also includes Go, C, Docker.
Dormant — no commits in 2+ years (last push 2023-12-27).
Setup difficulty is rated hard, with roughly 1h+ to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.