Implement peframe in r2 #13421
Labels
Comments
|
We already have those features in r2core or r2-extras (yara). The behavior stuff shouldn't be in core imho. It's way too specialized for malware analysis and is very likely a matter of some yara rules. |
|
Ok i didnt checked but i thiugh we could get some ideas
… On 18 Mar 2019, at 15:24, Maijin ***@***.***> wrote:
We already have those features in r2core or r2-extras (yara). The behavior stuff shouldn't be in core imho. It's way too specialized for malware analysis and is very likely a matter of some yara rules.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
All the idea are already on #921 there is nothing new that what is already on our tracker :( |
|
Or that we already have. |
|
So I took some time today to evaluate and check what are the features of this tool. After review there is nothing that we don't have already, already supported by Yara/Radare2 or already in the issue tracker. The part related for the Macro analysis is irrelevant to radare2 or at least irrelevant for radare2 core for now. I'm closing here |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Evaluate the list of checks from this tool and determine if we want/can have them in core or if they make more sense to be distributed in a separate script
https://github.com/guelfoweb/peframe
The text was updated successfully, but these errors were encountered: