Releases: bolin8017/upxelfdet

v0.2.1

@bolin8017 bolin8017 released this 05 Feb 14:32

What's Changed

Features

  • Add a configurable output.vectorize path to the configuration so users can specify the location of the vectorize folder

Configuration

New output.vectorize option available in config:

{
  "output": {
    "vectorize": "./output/vectorize"
  }
}

Full Changelog: v0.2.0...v0.2.1

v0.2.0 - Initial Public Release

@bolin8017 bolin8017 released this 20 Jan 18:37

🎉 First Release: upxelfdet

A machine learning-based detector for UPX-packed ELF malware using n-gram feature extraction and SVM classification.

✨ Features

  • ELF Binary Analysis: Extracts features from specific sections of ELF files
  • N-gram Vectorization: Converts binary features into numeric vectors with configurable n-gram sizes
  • SVM Classification: Trains and evaluates Support Vector Machine models
  • CLI Interface: Command-line tools for training, evaluation, and prediction
  • Python API: Programmatic access to detector functionality
  • Flexible Configuration: JSON-based configuration for easy experimentation
  • Structured Logging: Comprehensive logging with both human-readable and JSON formats
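
To illustrate the first two features in the list above, here is an added example (not upxelfdet's own code) that pulls a section's bytes out of a little-endian ELF64 image and turns them into a fixed-length byte n-gram frequency vector of the kind an SVM can consume. The function names, the vocabulary and the tiny sample ELF are constructed for illustration.

```python
import struct
from collections import Counter

def read_sections(elf):
    """Return {section name: file bytes} for a little-endian ELF64 image."""
    if elf[:4] != b"\x7fELF" or elf[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    shoff = struct.unpack_from("<Q", elf, 0x28)[0]
    shentsize, shnum, shstrndx = struct.unpack_from("<HHH", elf, 0x3A)
    if shoff == 0 or shnum == 0:
        return {}  # no section header table, so no section features
    if shstrndx >= shnum:
        raise ValueError("section name table index out of range")
    hdrs = []
    for i in range(shnum):
        name, typ, _, _, off, size = struct.unpack_from(
            "<IIQQQQ", elf, shoff + i * shentsize)
        hdrs.append((name, typ, off, size))
    _, _, stroff, strsize = hdrs[shstrndx]
    strtab = elf[stroff:stroff + strsize]
    out = {}
    for name, typ, off, size in hdrs:
        label = strtab[name:strtab.index(b"\0", name)].decode("ascii", "replace")
        out[label] = b"" if typ == 8 else elf[off:off + size]  # 8 = SHT_NOBITS
    return out

def ngram_counts(data, n):
    """Count every overlapping n-byte window in data."""
    return Counter(data[i:i + n] for i in range(len(data) - n + 1))

def vectorize(counts, vocab):
    """Project counts onto a fixed vocabulary as relative frequencies."""
    total = sum(counts.values()) or 1
    return [counts[g] / total for g in vocab]

def build_sample_elf(text):
    """Constructed sample: ELF64 with a null section, .text and .shstrtab."""
    strtab = b"\0.text\0.shstrtab\0"
    str_off = 64 + len(text)
    shoff = str_off + len(strtab)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", 2, 62, 1, 0, 0, shoff, 0, 64, 0, 0, 64, 3, 2)
    def shdr(name, typ, off, size):
        return struct.pack("<IIQQQQIIQQ", name, typ, 0, 0, off, size, 0, 0, 1, 0)
    return (ehdr + text + strtab + shdr(0, 0, 0, 0)
            + shdr(1, 1, 64, len(text)) + shdr(7, 3, str_off, len(strtab)))
```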

📦 What's Included

  • Complete source code with modular architecture
  • CLI commands: upxelfdet train/evaluate/predict
  • Example usage script with detailed comments
  • Sample data for demonstration
  • Comprehensive documentation
  • Unit tests

🚀 Quick Start

# Install
git clone https://github.com/bolin8017/upxelfdet.git
cd upxelfdet
pip install -e .

# Train model
upxelfdet train --config config.example.json

# Evaluate model
upxelfdet evaluate --config config.example.json

# Make predictions
upxelfdet predict --config config.example.json

📚 Documentation

See README.md for detailed documentation, API reference, and examples.

🔒 Security Notice

This tool is intended for security research and educational purposes only. Handle malware samples with extreme caution.

📄 License

MIT License - see LICENSE for details.