Matt Nadareski
4cc441afcf
Get rid of code duplication
2022-12-15 00:13:24 -08:00
Matt Nadareski
3f2319093f
Partially convert SolidShield to string finding
2022-12-09 21:54:21 -08:00
Matt Nadareski
5ce4f3be56
Clean up awkward SolidShield check
2022-12-08 17:16:47 -08:00
Matt Nadareski
92b3f14d7b
Add SolidShield import directory table checks
2022-12-08 16:53:43 -08:00
Matt Nadareski
f78b3daf8b
Attempt to use new executable framework
2022-12-03 22:17:48 -08:00
Matt Nadareski
64334d72ea
Improve SolidShield detection
...
- Add new SolidShield executable and file checks.
- Fix false positives in file name checks due to not using a directory separator in the check.
- Add a few notes and reorganize slightly.
2022-12-02 15:02:45 -08:00
Matt Nadareski
e2492c9e5b
Consolidate field string checks (fixes #141)
2022-08-21 20:34:59 -07:00
Matt Nadareski
9d7cc4012c
Move interfaces to own namespace
2022-05-01 17:41:50 -07:00
Matt Nadareski
a44bdf9013
Reorder inherited interfaces
2022-05-01 17:23:00 -07:00
Matt Nadareski
f9f2e0d932
Better naming
2022-05-01 17:17:15 -07:00
Matt Nadareski
b933249ff7
Add resource finding on creation
2022-04-02 16:12:23 -07:00
Matt Nadareski
61c09e3c97
Move resource helpers to PortableExecutable
2022-04-02 15:54:51 -07:00
Matt Nadareski
4b66cd8cd2
Update file version resource handling
2022-04-01 10:16:31 -07:00
Matt Nadareski
65eea4301d
Hide section complexity from content checks
2022-03-14 23:01:06 -07:00
Matt Nadareski
ceae505f4d
Switch order of interface parameters
2022-03-14 22:51:17 -07:00
Matt Nadareski
a7e9164f4f
Use SourceArray for PE checks
2022-03-14 22:49:35 -07:00
Matt Nadareski
c4447fc505
Modernize path check for SolidShield a little
2022-03-14 12:09:03 -07:00
Matt Nadareski
513e799aa3
Migrate protections to new interfaces
2022-03-14 11:20:11 -07:00
Matt Nadareski
ffb529edb3
Granularly separate out executable types
2022-03-14 10:40:44 -07:00
Matt Nadareski
d9d84a01e5
Fix crash in SolidShield scanning (fixes #76)
2022-02-10 10:37:57 -08:00
Matt Nadareski
a579bfea1f
Fix reading generic sections
2021-09-15 11:47:12 -07:00
Matt Nadareski
1eb07c52e5
Address comments in SolidShield
2021-09-14 14:31:03 -07:00
Matt Nadareski
dbc841cb7f
Clean up formatting of remaining full content checks
2021-09-14 11:33:53 -07:00
Matt Nadareski
afdd032f73
Start using more methods to make life easier
2021-09-11 21:03:36 -07:00
Matt Nadareski
09854b469e
Remove redundant .rsrc check in SolidShield
2021-09-10 22:09:03 -07:00
Matt Nadareski
b779f2f546
Only deserialize a file once per round of checks
2021-09-10 16:10:15 -07:00
Matt Nadareski
5344de96b2
Cleanup and bugfixes; additional notes
2021-09-10 15:32:37 -07:00
Matt Nadareski
1e70d960ba
Remove unnecessary trims
2021-09-10 13:59:35 -07:00
Matt Nadareski
373268a6a8
Convert resource checks to header checks
2021-09-10 13:51:32 -07:00
Matt Nadareski
905d440367
Process file info resources; cleanup; refactors
2021-09-10 02:58:59 -07:00
Matt Nadareski
9d3969d4ce
Remove debug output
2021-09-05 23:08:41 -07:00
Matt Nadareski
2ba2756a8f
Partially convert SolidShield to section based; add notes
2021-09-05 23:02:55 -07:00
Matt Nadareski
6cde7b8bef
Reduce redundant code in content matchers now
2021-08-25 20:26:43 -07:00
Matt Nadareski
3ab0bcc0ae
ContentMatchSets are now expected in IContentCheck
2021-08-25 19:37:32 -07:00
Matt Nadareski
7548646ba2
Create and use the Tools namespace
2021-08-25 15:09:42 -07:00
Matt Nadareski
43845cf722
Rename position flag -> debug flag
2021-08-24 15:19:23 -07:00
Matt Nadareski
56aeded8eb
String and EVORE cleanups
2021-08-23 22:05:18 -07:00
Matt Nadareski
5aae9b01d4
Make file version finding safer
2021-08-23 20:45:13 -07:00
Matt Nadareski
3667a5b57a
Concurrent protection scans per file (#52)
...
* Move to ConcurrentDictionary
* Convert to ConcurrentQueue
2021-07-18 09:44:23 -07:00
Matt Nadareski
3ac57b1c0c
Fix static matcher issues (fixes #51)
...
Note: This may result in slower, but more accurate, scans
2021-07-17 23:40:16 -07:00
Matt Nadareski
28e95f9eb7
Slight SolidShield cleanup
2021-04-01 15:00:22 -07:00
Matt Nadareski
9f40a8c4c0
Perform some post-removal cleanup
2021-03-23 16:43:23 -07:00
Matt Nadareski
f9d6fce3bd
Reduce boilerplate for directory checks
2021-03-23 13:35:12 -07:00
Matt Nadareski
aa83896963
Final batch of first pass for path check conversions
2021-03-23 10:36:14 -07:00
Matt Nadareski
921292e077
Static list of content matchers
...
This also includes some more path matcher conversions that I couldn't reasonably split out
2021-03-23 09:52:09 -07:00
Matt Nadareski
5240f2eb70
Simplify util method naming
2021-03-22 21:32:58 -07:00
Matt Nadareski
6400c954ef
Split matchers more cleanly, comment better
2021-03-22 21:25:14 -07:00
Matt Nadareski
bc613a0413
Fix build
2021-03-22 11:44:16 -07:00
Matt Nadareski
e47a52dbe0
Use framework in even more content protections
2021-03-22 11:43:51 -07:00
Matt Nadareski
da165345b6
Use framework for more content protections
2021-03-22 11:13:14 -07:00