Releases: bolin8017/upxelfdet
v0.2.1
What's Changed
Features
- Add configurable output.vectorize path in configuration to allow users to specify the vectorize folder location
Configuration
New output.vectorize option available in config:
{
  "output": {
    "vectorize": "./output/vectorize"
  }
}
Full Changelog: v0.2.0...v0.2.1
v0.2.0 - Initial Public Release
🎉 First Release: upxelfdet
A machine learning-based detector for UPX-packed ELF malware using n-gram feature extraction and SVM classification.
✨ Features
- ELF Binary Analysis: Extracts features from specific sections of ELF files
- N-gram Vectorization: Converts binary features into numeric vectors with configurable n-gram sizes
- SVM Classification: Trains and evaluates Support Vector Machine models
- CLI Interface: Command-line tools for training, evaluation, and prediction
- Python API: Programmatic access to detector functionality
- Flexible Configuration: JSON-based configuration for easy experimentation
- Structured Logging: Comprehensive logging with both human-readable and JSON formats
📦 What's Included
- Complete source code with modular architecture
- CLI commands: upxelfdet train/evaluate/predict
- Example usage script with detailed comments
- Sample data for demonstration
- Comprehensive documentation
- Unit tests
🚀 Quick Start
# Install
git clone https://github.com/bolin8017/upxelfdet.git
cd upxelfdet
pip install -e .
# Train model
upxelfdet train --config config.example.json
# Evaluate model
upxelfdet evaluate --config config.example.json
# Make predictions
upxelfdet predict --config config.example.json
📚 Documentation
See README.md for detailed documentation, API reference, and examples.
🔒 Security Notice
This tool is intended for security research and educational purposes only. Handle malware samples with extreme caution.
📄 License
MIT License - see LICENSE for details.