-
Notifications
You must be signed in to change notification settings - Fork 567
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify references to case studies in readme #2437
Comments
Hey @Greatz08 Thanks for raising this concern about our intro. I appreciate the request to recognize open source software, including Al-Khaser - a tool that has definitely influenced capa! First, let's continue this thread of discussion, because its important to get right fully and consistently. With that said, the wording of our intro is ambiguous, and our reference to I think we should update our wording to make the examples and their sources more clear. We can open a PR for that. What else do you think we can do? |
@williballenthin ok now i get it, Thanks for explaining things from your side. In my opinion explaining little bit about al-khaser project so that people can understand easily what it and referencing it to al-khaser github page will be enough as people who are interested will study more how it works and can easily relate how capa works to detect all those things. This much will be enough in my opinion For me personally both capa and al-khaser projects are pretty awesome and i could relate as i did know about al-khaser before knowing capa but i am sure max wont know about it and might think al-khaser project as virus so educating them is also responsibility for us and that is one more reason for me to ask you to explain al-khaser project when showcasing so that more people can understand and relate things easily without having to take risk in finding and running actual sus file/virus to test capa :-)) |
Instead of this you can mention properly with due respect that you have used open source project which is based on malware analysis kind of tool and what all things it runs and showcase how capa can detect all those as example . In this way people will not have wrong image about al-khaser project which is important because it also deserves equal respect as open source project which is unique and well maintained instead of been shown as "unknown suspicious binary" plus they can read al-khaser code (https://github.com/LordNoteworthy/al-khaser) and understand all how it works and what all things it do plus how project capa can detect all those things successfully from exe file so all together this would give best open picture to all users.
The text was updated successfully, but these errors were encountered: