mandiant/capa-rules

detect uncommon .NET entry points

Open

#725 创建于 2023年3月16日

在 GitHub 查看
 (1 评论) (3 反应) (0 负责人) (234 fork)github user discovery
good first issuerule idea

仓库指标

Star
 (721 star)
PR 合并指标
 (PR 指标待抓取)

描述

This article describes multiple .NET entry points, where some of these are often leveraged by malware and obfuscators. I think it beneficial to bring these uncommon, or commonly malicious, entry points to the attention of capa users to help guide analysis to interesting code.

贡献者指南