View Single Post
Old 12-04-2018, 15:51
hors's Avatar
hors hors is offline
Join Date: Aug 2014
Posts: 31
Rept. Given: 6
Rept. Rcvd 53 Times in 23 Posts
Thanks Given: 14
Thanks Rcvd at 247 Times in 24 Posts
hors Reputation: 53
Originally Posted by alexandernst View Post
How does this compare to PEID or DIE?
PEID was a good project, but unfortunately very old.

I am the author of DIE, so probably I know his pros and cons better than anyone.

Detect It Easy[DiE]

[+] Currently, DIE has significantly more detects.
[+] The signature system allows you to easily add your own detections without recompiling the program.

[-] Signatures slower than compiled code
[-] Not all types of detections can be implemented in signatures.
[-] It is difficult to implement a full reverse scan of individual parts of the program.

Nauz File Detector[NFD]

[+] Compiled code is faster than signatures.
[+] It is possible to implement complex detections. For example using emulation.
[+] There is a reverse scan.

[-] NFD has less detections than DiE
[-] When adding new detection, you need to recompile the program.

Last edited by hors; 12-04-2018 at 15:53. Reason: Fix
Reply With Quote
The Following 16 Users Say Thank You to hors For This Useful Post:
alexandernst (12-04-2018), an0rma1 (01-25-2019), chants (12-12-2018), Corsten (12-06-2018), darkBLACK (12-05-2018), Doit (05-06-2020), Indigo (07-19-2019), korosh (06-12-2019), MarcElBichon (12-04-2018), msi_g (03-27-2019), niculaita (06-13-2019), ontryit (12-04-2018), riverstore (03-03-2019), tonyweb (12-05-2018), trickyboy (07-30-2019)