Squiblydoo
commented
1 year ago @nazywam can you consider updating the extractor to use debloat 1.5.3? I do not have my own instance set up yet, so unfortunately, I cannot test the changes before submitting a PR. (If I don't hear back before too long, I'll also try to get it set up and then submit a PR. :) )
1.4.1 made processing much better and faster.
1.50 introduced the ability to process NSIS files. Processing NSIS files will normally result in 1 or more files; that is, it will output a file with a reverse engineered Setup.NSIS script and any files that were packed in the installer. (Debloat returns all the files at this time without considering if any of the included files are malicious or bloated.)
- Can the current karton-archive-extractor handle that in the workflow OK?
1.5.1 and 1.52 added substantial memory performance updates. Debloat now uses 1/3rd or less of the memory that it used before.
One method of reducing memory use is passing the starting file's size into the process_pe method. This is optional, but if the file size is already known and provided, it will reduce memory usage.
nazywam
Greetings! First, thanks for including my debloat tool as part of karton-archive-extractor.
Second, I've just released 1.4.1: which processes much better, faster, and fixes a few bugs pertaining to a few some samples.
What is the best way for me to contribute to karton-archive-extractor when I release larger debloat updates? Should I build karton locally, test locally to ensure new versions work correctly through karton-archive-extractor, and then submit Pull Requests? Or would you prefer to primarily do your own testing in regards to included tools like debloat?