Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 01-26-2015, 02:26
atom0s's Avatar
atom0s atom0s is online now
Family
 
Join Date: Jan 2015
Location: 127.0.0.1
Posts: 396
Rept. Given: 26
Rept. Rcvd 126 Times in 63 Posts
Thanks Given: 54
Thanks Rcvd at 730 Times in 279 Posts
atom0s Reputation: 100-199 atom0s Reputation: 100-199
Quote:
Originally Posted by mr.exodia View Post
After some reading it appears to be using Aho-Corasick or the Booyer-more string search algorithms, which is nice indeed. It is very unfortunate that the signature search is so tightly integrated with the codebase, otherwise I would have added it to the tests...
There are a handful of regex scans inside of it as well.

As for saying that stuff in this thread is not real signature scanning, I'm not sure why you would think that. Everything posted here are all valid methods of scanning for signatures regardless of what kind of software it is used within.
Reply With Quote
  #17  
Old 02-03-2015, 01:00
sh3dow sh3dow is offline
Family
 
Join Date: Oct 2014
Posts: 158
Rept. Given: 113
Rept. Rcvd 79 Times in 24 Posts
Thanks Given: 458
Thanks Rcvd at 202 Times in 75 Posts
sh3dow Reputation: 79
if antivirus have good algorithms why not see Norton Antivirus 2006 source code
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On


Similar Threads
Thread Thread Starter Forum Replies Last Post
openssl signature for ida skyper General Discussion 10 03-19-2012 17:33


All times are GMT +8. The time now is 16:31.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )