diff --git a/forensics/basic-forensic-methodology/malware-analysis.md b/forensics/basic-forensic-methodology/malware-analysis.md
index a6e8b0fa6..298fba8d9 100644
--- a/forensics/basic-forensic-methodology/malware-analysis.md
+++ b/forensics/basic-forensic-methodology/malware-analysis.md
@@ -43,6 +43,11 @@ yara -w malware_rules.yar folder #Scan hole fodler
 
 You can use the tool [**YaraGen**](https://github.com/Neo23x0/yarGen) to generate yara rules from a binary. Checkout these tutorials: [**Part 1**](https://www.nextron-systems.com/2015/02/16/write-simple-sound-yara-rules/), [**Part 2**](https://www.nextron-systems.com/2015/10/17/how-to-write-simple-but-sound-yara-rules-part-2/), [**Part 3**](https://www.nextron-systems.com/2016/04/15/how-to-write-simple-but-sound-yara-rules-part-3/)
 
+```bash
+ python3 yarGen.py --update
+ python3.exe yarGen.py --excludegood -m  ../../mals/
+```
+
 ### ClamAV
 
 #### Install