mandiant/capa-rules

detect uncommon .NET entry points

Open

#725 建立於 2023年3月16日

在 GitHub 查看
 (1 留言) (3 反應) (0 負責人) (234 fork)github user discovery
good first issuerule idea

倉庫指標

Star
 (721 star)
PR 合併指標
 (PR 指標待抓取)

描述

This article describes multiple .NET entry points, where some of these are often leveraged by malware and obfuscators. I think it beneficial to bring these uncommon, or commonly malicious, entry points to the attention of capa users to help guide analysis to interesting code.

貢獻者指南