flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Changes include adding ELF header in SUPPORTED_FILE_MAGIC. Let me know if the signature and Go/Rust handling for ELF look fine or if I can do it more smartly?
Bumps [setuptools](https://github.com/pypa/setuptools) from 69.0.3 to 69.1.0. Changelog Sourced from setuptools's changelog. v69.1.0 Features Updated and removed obsolete Python < 3.8 code and comments. -- by :user:Avasam (#4096) Updated pkg_resources to...
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.3.0 to 6.4.0. Release notes Sourced from pyinstaller's releases. v6.4.0 Please see the v6.4.0 section of the changelog for a list of the changes since v6.3.0. Changelog...
Hello! I have this sample referenced in this other issue: https://github.com/mandiant/flare-ida/issues/127 I also ran it through your tool and very few strings were found, ironstrings found way more. I don't...
Bumps [pytest-sugar](https://github.com/Teemu/pytest-sugar) from 0.9.4 to 1.0.0. Release notes Sourced from pytest-sugar's releases. pytest-sugar 1.0.0 Add support for pytest 8.x Drop support for Python 3.7 Thanks to folks who contributed to...
Currently, floss can identify the `decoding functions` in a binary and prints them with `offset` and `score` while running using the `-v` flag. Now, it's maybe useful to know that how...
This issue note aims to suggest the integration of detection heuristics from the [mrphrazer/obfuscation_detection](https://github.com/mrphrazer/obfuscation_detection) by @mrphrazer into the `FLOSS` tool, to enhance its capabilities in detecting and decoding obfuscated strings...
https://pip.pypa.io/en/stable/reference/build-system/pyproject-toml/
Display raw and virtual offsets in verbose mode. This could help to match things up more quickly between FLOSS output, the file, and disassembler view.
In my opinion, I think it is necessary to change/add to the following 2 scripts, or maybe merge those 2 scripts into 1. 1. render-ida-import-script.py: Runs as an IDAPython script, allowing...