QS: support files beyond PE binaries

mandiant / flare-floss

FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

Apache License 2.0

3.16k stars 445 forks source link

Open mr-tz opened 1 year ago

mr-tz commented 1 year ago

via #776

williballenthin commented 1 year ago

what do we mean by "shellcode blobs"? how would you imagine this working?

mr-tz commented 1 year ago

Idea here is that if users know its shellcode (and specify it manually), we can disassemble functions and remove junk strings that are code.