Comments (2)
Great idea, but I need to establish a criterion of evaluation. Suggestions?
from peframe.
Yep, I was thinking about it. I am not an expert, but I can try to imagine something.
We would have to establish a list of the worst suspicious
- Anti VM tricks? Why should a software avoid virtualization? (Even in my tests, I found putty had anti VM... I wonder why.)
- Suspicious Sections. Many suspicious sections are often found in malware. Maybe if it's > 2, you have a warning, > 4 you have a critical.
- Suspicious API discovered: often seen in malware as in many applications. I don't know how to interpret them...
- Anti Debug: idem
After that, we can have a mathematical way to calculate the score:
For example: 1 VM trick = coef 10, 3 suspicious sections with coef 3, 25 suspicious API with coef 0.5, 12 anti debug with coef 0.5
total = 10 + 9 + 12.5 + 6 = 37.5
The example is not good enough because you can have 150 suspicious API, and the score will be high.
But I think that could be possible :)
from peframe.
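The weighted score proposed in the comment above, as an added example that is not part of the original thread or of peframe's code. The coefficients and the section thresholds are the ones given in the comment; the indicator key names and the per-category caps (one way to keep 150 suspicious APIs from inflating the total) are assumptions.

```python
# Coefficients per indicator hit, taken from the comment's example.
WEIGHTS = {"anti_vm": 10.0, "suspicious_sections": 3.0,
           "suspicious_api": 0.5, "anti_debug": 0.5}

# Hypothetical ceilings (assumption): the most any one category may contribute.
CAPS = {"anti_vm": 10.0, "suspicious_sections": 15.0,
        "suspicious_api": 10.0, "anti_debug": 10.0}


def _check(counts):
    """Reject unknown indicator names and negative counts."""
    for name, value in counts.items():
        if name not in WEIGHTS:
            raise ValueError(f"unknown indicator: {name}")
        if value < 0:
            raise ValueError(f"negative count for {name}")


def linear_score(counts):
    """Plain weighted sum, the arithmetic used in the comment."""
    _check(counts)
    return sum(WEIGHTS[k] * counts.get(k, 0) for k in WEIGHTS)


def capped_score(counts):
    """Weighted sum where each category stops contributing at its cap."""
    _check(counts)
    return sum(min(WEIGHTS[k] * counts.get(k, 0), CAPS[k]) for k in WEIGHTS)


def section_level(n_sections):
    """Thresholds from the comment: > 2 is a warning, > 4 is critical."""
    if n_sections > 4:
        return "critical"
    if n_sections > 2:
        return "warning"
    return "ok"


# Constructed inputs: the comment's example, and the same file with 150 APIs.
EXAMPLE = {"anti_vm": 1, "suspicious_sections": 3,
           "suspicious_api": 25, "anti_debug": 12}
NOISY = dict(EXAMPLE, suspicious_api=150)

if __name__ == "__main__":
    for label, counts in (("example", EXAMPLE), ("noisy", NOISY)):
        print(label, linear_score(counts), capped_score(counts),
              section_level(counts["suspicious_sections"]))
```

With the caps in place, the 150-API case scores the same as the 25-API case, while the linear sum rises from 37.5 to 100.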