Closed JohnLaTwC closed 3 years ago
The tests fail because the test code uses raccinelib is_malicious_command_line
to check various command lines. I #ifdef that out that code to remove strings in the binary that AV continues to flag on. The detection functionality they used to provide was moved to Yara. So we need to see how to recreate this testing functionality but for our yara rules.