Saved February 14, 2026
This tool generates Windows PE executables that trigger YARA rule matches, helping users validate their malware detection signatures. It automates the creation of test files based on specific patterns so that rules can be checked for accuracy against real scans. The generated executables are safe to run: they exit immediately without executing any harmful code.
Guilty as YARA is a Rust-based tool designed to generate Windows PE executables that trigger YARA rule matches. It automates the creation of test files containing specific strings and byte patterns, allowing users to validate the effectiveness of their YARA rules. This is particularly useful for malware detection and threat hunting, where accuracy in identifying malicious patterns is crucial.
The tool has several key functions. It parses YARA rules to extract string literals and hex byte sequences, including complex hex patterns that span multiple lines. It keeps the generated executables safe to run by making them exit immediately, which minimizes risk during testing. It also places patterns deliberately, embedding them in both the executable's code and data sections while keeping the file safe to run. Wildcard handling is another notable feature: wildcards in hex patterns are substituted with safe byte values such as NOP (0x90).
To use Guilty as YARA, users clone the repository and build it with Cargo. The commands provided in the article walk users through generating test PE files from YARA rules. The tool's error handling lets it continue parsing even when minor syntax issues occur, so users can confirm that their detection signatures behave as intended without frequent debugging.
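As an added example, not code from the Guilty as YARA project, here is the core parsing step described above in Rust: pulling hex strings out of a rule, including ones that span lines, and expanding wildcards and jumps with the 0x90 NOP filler. Borrowing NOP's nibble for `?A`/`A?` tokens and emitting the shortest length for a `[n-m]` jump are my assumptions.

```rust
/// Safe filler byte for wildcards and jumps, as the article describes.
pub const NOP: u8 = 0x90;

/// Pull every `$name = { ... }` hex body out of rule text; bodies may span lines.
pub fn extract_hex_bodies(rule: &str) -> Vec<String> {
    let mut bodies = Vec::new();
    let mut rest = rule;
    while let Some(start) = rest.find('{') {
        // Only a brace preceded by `=` opens a hex string; the rule body's does not.
        if !rest[..start].trim_end().ends_with('=') {
            rest = &rest[start + 1..];
            continue;
        }
        let after = &rest[start + 1..];
        let end = match after.find('}') {
            Some(e) => e,
            None => break, // unterminated hex string: stop rather than guess
        };
        // Normalise whitespace so multi-line bodies become one token stream.
        bodies.push(after[..end].split_whitespace().collect::<Vec<_>>().join(" "));
        rest = &after[end + 1..];
    }
    bodies
}

/// Expand one hex body into concrete bytes that satisfy it. Supports `AB`, `??`,
/// `?B`, `A?`, `[n]` and `[n-m]` (shortest jump, assumption). None on a bad token.
pub fn expand_hex_pattern(body: &str) -> Option<Vec<u8>> {
    let mut out = Vec::new();
    for tok in body.split_whitespace() {
        if let Some(jump) = tok.strip_prefix('[').and_then(|t| t.strip_suffix(']')) {
            let min: usize = jump.split('-').next()?.trim().parse().ok()?;
            out.extend(std::iter::repeat(NOP).take(min));
            continue;
        }
        if tok.len() != 2 { return None; }
        let mut byte = 0u8;
        for (i, c) in tok.chars().enumerate() {
            let shift = if i == 0 { 4 } else { 0 };
            let nib = match c {
                '?' => (NOP >> shift) & 0x0F, // assumption: borrow NOP's nibble
                _ => c.to_digit(16)? as u8,
            };
            byte |= nib << shift;
        }
        out.push(byte);
    }
    Some(out)
}
```

Feeding the expanded bytes into a PE section is the remaining step; the bytes produced here are exactly what a YARA scan of that section would match.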