Commit graph

Select branches

Hide pull requests

Test

master

#101

#104

#109

#110

#128

#129

#130

#131

#132

#133

#135

#139

#140

#147

#151

#155

#156

#157

#158

#159

#160

#163

#164

#165

#166

#167

#168

#169

#170

#172

#175

#186

#187

#191

#192

#197

#198

#199

#200

#201

#204

#205

#206

#207

#208

#21

#210

#211

#212

#214

#215

#217

#224

#225

#23

#230

#235

#239

#24

#246

#25

#250

#254

#255

#256

#257

#258

#259

#26

#260

#261

#262

#263

#264

#265

#266

#267

#268

#269

#27

#270

#271

#272

#273

#274

#276

#277

#278

#280

#281

#282

#283

#284

#285

#286

#287

#288

#289

#290

#291

#292

#293

#294

#296

#30

#31

#313

#316

#323

#324

#334

#339

#340

#347

#349

#35

#350

#351

#352

#353

#354

#355

#357

#358

#359

#361

#362

#37

#40

#51

#57

#7

#72

#77

#8

#8

#80

#81

#82

#85

#87

#90

#91

#92

#96

#98

Beta

current-database

db

db_extra

Mono Color

• 342dda3064 add update_info_timestamp scripts master Benjamin Funke 2026-06-23 17:54:39 +02:00
• 74e9ca450d chore: update date to 2026-06-23 in db info files horsicq 2026-06-23 01:46:57 +02:00
• eed67fc08d dbs_min update DosX 2026-06-22 18:55:48 +03:00
• 958258a5cd update DiE version in RUN.md Benjamin Funke 2026-06-22 17:34:53 +02:00
• d23269a06e Add VCasm-Protector and Excalibur detections DosX 2026-06-22 18:33:43 +03:00
• 6b53f22ae4 Improve Skater .NET detector DosX 2026-06-22 18:33:15 +03:00
• 5c5e3ad911 Rename and refactor Unicode signature generator DosX 2026-06-22 16:47:15 +03:00
• 1af9c5240f dbs_min update DosX 2026-06-22 16:29:29 +03:00
• a8180360d2 Refactor variable names in heuristics DosX 2026-06-22 16:29:00 +03:00
• 61509245aa Optimize signature pattern checks DosX 2026-06-22 16:28:35 +03:00
• 6774f5bfb8 Generate precise UTF-16LE hex signature mask DosX 2026-06-22 16:27:49 +03:00
• c4c388de73 Refactor PE scan buffer decoding and checks DosX 2026-06-22 16:15:17 +03:00
• 7f96c2e668 Simplify e_lfanew fast-fail and cache lfa3 DosX 2026-06-22 16:09:36 +03:00
• 16791938db Optimize PE signature decryption and scanning DosX 2026-06-22 16:07:28 +03:00
• f2fa6b342b Optimize PE heuristic scanning and decryption DosX 2026-06-22 16:02:50 +03:00
• 1837b16d0b dbs_min update DosX 2026-06-22 14:55:45 +03:00
• 987d68a71d Optimize PE section scanning and caching DosX 2026-06-22 14:55:36 +03:00
• ab126dd877 dbs_min update DosX 2026-06-22 14:02:37 +03:00
• 6b180e6bb8 Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-22 14:02:01 +03:00
• 3303f77420 Standardize wildcard and broaden resource checks DosX 2026-06-22 14:01:59 +03:00
• 0b2f054553 add references to PE signatures Benjamin Funke 2026-06-21 17:54:53 +02:00
• 134b93e3d2 dbs_min update DosX 2026-06-21 13:10:07 +03:00
• 435cf589d0 Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-21 13:09:24 +03:00
• 9853fdc223 Rename MSDOS rule files; adjust RM_FORTRAN mode DosX 2026-06-21 13:09:22 +03:00
• 4e608a54f6 add references for Aztec C/AmigaBasic signature Benjamin Funke 2026-06-21 11:54:54 +02:00
• 82e408f2df Rename DB files to sfx_ and compiler_ prefixes DosX 2026-06-21 12:46:12 +03:00
• bb3351fdbb Rename Borland C to C++ and update sLang DosX 2026-06-21 12:44:48 +03:00
• b0f6c22d8d Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-21 12:43:23 +03:00
• 86151c660f Strengthen de4dot .NET detection logic DosX 2026-06-21 12:43:13 +03:00
• 3c0c6b8a53 add references to LX signatures Benjamin Funke 2026-06-21 11:31:02 +02:00
• fa082ddaf1 add references to MACH signatures Benjamin Funke 2026-06-21 11:29:03 +02:00
• dac2016dfb Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-21 12:26:31 +03:00
• 3113bca5ed Expand malware signature list with more variants DosX 2026-06-21 12:26:22 +03:00
• 96836f65dc redefine Virbox signature as protector Benjamin Funke 2026-06-21 11:25:36 +02:00
• e087251e33 Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-21 12:22:27 +03:00
• f249f403a6 Categorize and rename MSDOS rule files DosX 2026-06-21 12:22:16 +03:00
• fb7147c698 rename library_java to library_Java Benjamin Funke 2026-06-21 11:19:12 +02:00
• 4f6397516c dbs_min update DosX 2026-06-21 12:14:04 +03:00
• a5b91db3ad Refactor MSDOS rule filenames; set LSI C language DosX 2026-06-21 12:13:36 +03:00
• 20c1d39026 Set sLang in detectors; rename DB files DosX 2026-06-21 12:06:59 +03:00
• 9a03a2c257 Reclassify and rename MSDOS rule files DosX 2026-06-21 12:01:50 +03:00
• 798b437caa Add Rabby Wallet signature to heuristics DosX 2026-06-21 11:57:24 +03:00
• d0fb016461 Remove sOptions assignment in MACH gcc detect DosX 2026-06-21 11:40:53 +03:00
• 5890991148 Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-21 11:38:47 +03:00
• 74a0883a84 Stop .NET header loop early; add OneKey Wallet sig DosX 2026-06-21 11:38:44 +03:00
• 6b276f63cb improve gcc MACH signature Benjamin Funke 2026-06-21 09:57:53 +02:00
• 82469c4924 add reference for Delphi signature Benjamin Funke 2026-06-21 09:56:18 +02:00
• f38b4b9623 add references for NE signatures Benjamin Funke 2026-06-21 09:50:39 +02:00
• cc0e869a2b add references for PE signatures Benjamin Funke 2026-06-21 09:46:17 +02:00
• 511c99562f add references to signatures Benjamin Funke 2026-06-20 22:32:01 +02:00
• f46b3ca1ac remove newlines in MS-XNA/KTX signature Benjamin Funke 2026-06-20 21:36:33 +02:00
• cf5a235a54 dbs_min update DosX 2026-06-20 19:44:12 +03:00
• 10b6350cb5 Extend PE compare signature; minor formatting DosX 2026-06-20 19:43:24 +03:00
• d77aa6f6dd Skip empty/small sections during entropy scan DosX 2026-06-20 19:33:40 +03:00
• 10fa1b1822 Only skip tiny sections when sectionOffset > 0 DosX 2026-06-20 16:09:22 +03:00
• 16aff736fc dbs_min update DosX 2026-06-20 15:59:58 +03:00
• 722077df81 Allow wildcards in sub ebp immediate pattern DosX 2026-06-20 15:59:50 +03:00
• eb07d5723d Refactor risk score calc and verdict details DosX 2026-06-20 08:06:00 +03:00
• ddcb553e3f dbs_min update DosX 2026-06-20 07:42:54 +03:00
• 7c7194f655 Refactor scanning: extract scanArea and improve heuristics DosX 2026-06-20 07:42:34 +03:00
• f22203954f Extend section name regex to match .edata/.xdata DosX 2026-06-20 06:02:20 +03:00
• 3a4f9a10e6 Detect ASCII/UTF-16LE Base64 payloads DosX 2026-06-20 05:59:25 +03:00
• 90db1886d7 dbs_min update DosX 2026-06-19 17:53:21 +03:00
• 88548b7a0b Clarify detection scope in comment DosX 2026-06-19 17:52:58 +03:00
• 0ab54f846c Label payloads as executable and skip PE sections DosX 2026-06-19 17:49:09 +03:00
• 0a74ea574a Optimize PE scan loop and hex decoding DosX 2026-06-19 11:45:39 +03:00
• b92aeb6e9a Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-19 11:22:34 +03:00
• 5f45111d01 Refactor getDecrypted and add conhost.exe DosX 2026-06-19 11:22:31 +03:00
• f4aa94179a add ObjGrid signature Benjamin Funke 2026-06-19 01:18:10 +02:00
• d7ce667b68 add FluidSynth signature Benjamin Funke 2026-06-19 00:45:21 +02:00
• 8d8fa5f773 add DWMAPI signature Benjamin Funke 2026-06-19 00:16:31 +02:00
• d74d71aa29 audio.1.sg now has unique format IDs for parsing + extra Kaens 2026-06-18 20:06:01 +02:00
• 400ed3f5d9 dbs_min update DosX 2026-06-18 19:34:33 +03:00
• 8dc9261189 Support SUB-REV mode and PE verification fix DosX 2026-06-18 19:34:17 +03:00
• 828cb6e9cf Remove redundant whitespace stripping on signature DosX 2026-06-18 19:07:58 +03:00
• 85f36dee0a Increase default section scan size to 0x3000 DosX 2026-06-18 18:29:01 +03:00
• 4c582a4ef1 Refactor: add getDecodedBuffer and reuse DosX 2026-06-18 18:11:14 +03:00
• 47d213b809 dbs_min update DosX 2026-06-18 18:00:44 +03:00
• 4c480aa3b6 Fix PE header, hex parsing, and overlay scan DosX 2026-06-18 17:58:35 +03:00
• 9893fbad90 Fix lfaNewOffset unsigned calc and verify size DosX 2026-06-18 16:02:09 +03:00
• a69fcc2e0e Update __GenericHeuristicAnalysis_By_DosX.7.sg DosX 2026-06-18 15:55:22 +03:00
• 1f67d14028 Reduce scan sizes and add section scanning DosX 2026-06-18 15:24:57 +03:00
• d21026b565 Refactor KPA scan; add overlay scanning DosX 2026-06-18 09:55:36 +03:00
• 123c8e1eb3 Tighten PE heuristic thresholds DosX 2026-06-18 09:23:28 +03:00
• 00603c95ef Detect multiple encrypted PE algorithms in resources DosX 2026-06-18 09:09:37 +03:00
• f58d4d00fe Extend XOR PE KPA to 20-byte keys and tighten checks DosX 2026-06-18 08:21:42 +03:00
• a065244668 dbs_min update DosX 2026-06-18 07:29:20 +03:00
• f6de2b5687 Update __GenericHeuristicAnalysis_By_DosX.7.sg DosX 2026-06-18 07:29:12 +03:00
• 29cb94f796 Declare loop variables and tighten scopes DosX 2026-06-18 07:22:58 +03:00
• 5cd261630b Detect XOR-encrypted PE in resource sections DosX 2026-06-18 07:12:46 +03:00
• c654c99320 Expand heuristic strings, add NoIP and fixes DosX 2026-06-18 05:48:33 +03:00
• 78aab14a73 Enhance credential heuristics and patterns DosX 2026-06-18 05:29:59 +03:00
• 6fb2cf5815 dbs_min update DosX 2026-06-17 17:53:19 +03:00
• 9e0b8daba0 Improve Intel XeSS detection heuristics DosX 2026-06-17 17:52:50 +03:00
• a4bf165f51 Expand OpenSSL library detection regex DosX 2026-06-17 17:39:58 +03:00
• 4eb1f22b4e Add Detect It Easy rule for NVIDIA GeForce NOW SDK DosX 2026-06-17 17:39:49 +03:00
• 1dd4e2eeaf Refine protector heuristic regex DosX 2026-06-17 14:21:28 +03:00
• 2902dc790d Add PE detection rule for Brotli library DosX 2026-06-17 14:12:20 +03:00
• bbc91ca478 dbs_min update DosX 2026-06-14 18:51:21 +03:00
• 1bbd0975ed Merge branch 'master' of https://github.com/horsicq/Detect-It-Easy DosX 2026-06-14 18:51:03 +03:00