apiscout | project aims at simplifying Windows API import recovery
kandi X-RAY | apiscout Summary
apiscout is a Python library. It has no bugs, no vulnerabilities, a build file available, a permissive license, and low support. You can install it using 'pip install apiscout' or download it from GitHub or PyPI.
This project aims at simplifying Windows API import recovery. As input, arbitrary memory dumps for a known environment can be processed (please note: a reference DB has to be built first, using apiscout/db_builder). The output is an ordered list of identified Windows API references with some meta information, and an ApiVector fingerprint. The code should be fully compatible with Python 2 and 3. There is a blog post describing ApiScout in more detail: Also, another blog post explaining how ApiVectors are constructed and stored: We also presented a paper at Botconf 2018 that describes the ApiScout methodology in-depth, including an evaluation over Malpedia:
Support
apiscout has a low active ecosystem.
It has 152 star(s) with 35 fork(s). There are 17 watchers for this library.
It had no major release in the last 12 months.
There are 3 open issues and 10 have been closed. On average issues are closed in 23 days. There are no pull requests.
It has a neutral sentiment in the developer community.
The latest version of apiscout is 2.0.2
Quality
apiscout has 0 bugs and 0 code smells.
Security
apiscout has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
apiscout code analysis shows 0 unresolved vulnerabilities.
There are 0 security hotspots that need review.
License
apiscout is licensed under the BSD-2-Clause License. This license is Permissive.
Permissive licenses have the least restrictions, and you can use them in most projects.
Reuse
apiscout releases are not available. You will need to build from source code and install.
Deployable package is available in PyPI.
Build file is available. You can build the component from source.
apiscout saves you 3301 person hours of effort in developing the same functionality from scratch.
It has 7098 lines of code, 379 functions and 35 files.
It has high code complexity. Code complexity directly impacts maintainability of the code.
Top functions reviewed by kandi - BETA
kandi has reviewed apiscout and discovered the below as its top functions. This is intended to give you an instant insight into apiscout implemented functionality, and help decide if they suit your requirements.
- Dump the contents of the image
- Add a new line of text
- Append text to the text
- Add lines from text
- Parse the export directory
- Unpack data
- Unpack data from the PE file
- Count the number of zeros in a string
- Evaluate the import table
- Parse directory load configuration data
- Generate signature signatures for a section
- Get all memory from IDA data
- Parse the directory bound imports section
- Parse debug directory
- Applies names to API results
- Parse an import directory
- Parse the Delay import directory
- Parse relocation directory
- Checks if the given PE file is suspiciously
- Write the structure to a file
- Render API results
- Return the import path of the module
- Match code data
- Loads a db file
- Check if the file is packed
- Recursively extracts the dependencies of the given paths
apiscout Key Features
No Key Features are available at this moment for apiscout.
apiscout Examples and Code Snippets
No Code Snippets are available at this moment for apiscout.
Community Discussions
No Community Discussions are available at this moment for apiscout. Refer to the Stack Overflow page for discussions.
Vulnerabilities
No vulnerabilities reported
Install apiscout
You can install it using 'pip install apiscout' or download it from GitHub or PyPI.
You can use apiscout like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
Support
For any new features, suggestions, and bugs, create an issue on GitHub.
If you have any questions, check and ask them on the Stack Overflow community page.
Find more information at: