Quote:
Originally Posted by mr.exodia
After some reading it appears to be using Aho-Corasick or the Booyer-more string search algorithms, which is nice indeed. It is very unfortunate that the signature search is so tightly integrated with the codebase, otherwise I would have added it to the tests...
|
There are a handful of regex scans inside of it as well.
As for saying that stuff in this thread is not real signature scanning, I'm not sure why you would think that. Everything posted here are all valid methods of scanning for signatures regardless of what kind of software it is used within.