mirrors/Detect-It-Easy
2
0
Fork 0
mirror of https://github.com/horsicq/Detect-It-Easy.git synced 2026-06-24 01:54:08 +00:00
Code Issues Projects Releases Packages Wiki Activity

Add PE detection rule for ImGui

Browse source 
Add new rule db/PE/library_ImGui.4.sg to detect the ImGui library in PE files. The rule marks a match if the library name contains "imgui" or if exported functions start with "ImGui" (sets sOptions to "static" for EAT). Includes author/contact metadata.
This commit is contained in:
DosX 2026-06-01 18:31:54 +03:00
commit c4a8a9babf
1 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

20
db/PE/library_ImGui.4.sg Normal file
View file

@ -0,0 +1,20 @@
// Detect It Easy: detection rule file
// Author: DosX
// E-Mail: collab@kay-software.ru
// GitHub: https://github.com/DosX-dev
// Telegram: @DosX_dev
// https://github.com/ocornut/imgui
meta("library", "ImGui");
function detect() {
if (PE.isLibraryPresentExp(/imgui/i)) {
bDetected = true;
} else if (PE.isExportFunctionPresentExp(/^ImGui/)) {
sOptions = "static"; // EAT
bDetected = true;
}
return result();
}