Merge branch 'main' into feature/cn-gpt

Merge pull request 'doc/add_banner' (#18 ) from doc/add_banner into main
Reviewed-on: #18 Reviewed-by: ccyj <ccyj@noreply.localhost> Reviewed-by: dqy <dqy@noreply.localhost>
2024-05-18 20:58:38 +08:00 · 2024-05-18 20:54:42 +08:00 · 2024-05-18 20:54:00 +08:00 · 2024-05-18 20:51:51 +08:00 · 2024-05-14 19:54:49 +08:00 · 2024-05-14 17:50:16 +08:00
4 changed files with 16 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@@ -0,0 +1 @@
+*.webp filter=lfs diff=lfs merge=lfs -text
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
 # BackDoorBuster

+![BackDoorBuster Banner](./banner.webp)
 ## 项目背景

 随着网络安全威胁的增加，恶意软件和后门的检测成为了保护个人和组织数据安全的重要任务。后门通常被隐藏在合法软件中，给黑客提供远程控制目标系统的能力。本项目旨在开发一个工具，能够有效识别和评估潜在的后门风险。
--- a/banner.webp
+++ b/banner.webp
--- a/docs/idea.md
+++ b/docs/idea.md
@@ -8,6 +8,10 @@

 参考项目： [https://github.com/SonarSource/sonarqube]

+检查源代码的语法和关键词。通过这种方式，可以发现是否存在与其他语言的交互，比如调用外部命令、使用其他语言的扩展模块、与其他语言的接口交互等。
+
+实现方法：可以使用Python代码解析库（如ast模块）来分析语法树，并检查特定的代码模式或结构；开发脚本来搜索Python代码中常用于与其他语言交互的关键词和函数，例如ctypes、subprocess、os.system等
+
 ## 控制流分析

 通过分析程序的控制流（即程序中各个操作的执行顺序），可以检测到异常的控制流路径，这些路径可能是后门的迹象。
@@ -22,6 +26,10 @@

 这个网站可以搜索依赖中是否存在漏洞： [https://security.snyk.io/package/pip/]

+分析代码库中的依赖关系，查找是否导入了与其他语言交互相关的模块或库
+
+实施策略：开发脚本进行依赖库对比匹配
+
 ## 异常行为检测

 通过定义“正常”代码行为的基线，可以标识出异常行为，这些异常行为可能指示着后门的存在。
@@ -33,3 +41,6 @@
 使用NLP技术来训练机器学习模型，以自动从大量代码中学习和识别异常或潜在的后门模式。

 开发方法：采用深度学习框架如TensorFlow或PyTorch，结合NLP处理工具，训练模型识别代码中的异常行为。
+
+
+
Author	SHA1	Message	Date
dqy	44c6086b8c	Merge branch 'main' into feature/cn-gpt Some checks failed Python application test / build (pull_request) Failing after 14m6s	2024-05-18 20:58:38 +08:00
dqy	27ec14be54	Merge pull request 'doc/add_banner' (#18 ) from doc/add_banner into main Some checks failed Python application test / build (push) Failing after 14m12s Reviewed-on: #18 Reviewed-by: ccyj <ccyj@noreply.localhost> Reviewed-by: dqy <dqy@noreply.localhost>	2024-05-18 20:54:42 +08:00
dqy	21d1a6f3cc	Merge branch 'main' into doc/add_banner Some checks failed Python application test / build (pull_request) Failing after 14m46s	2024-05-18 20:54:00 +08:00
dqy	dbdfc1897c	Merge pull request 'doc：增加检测Python对其他语言的封装' (#17 ) from doc/python-binding into main Some checks are pending Python application test / build (push) Waiting to run Reviewed-on: #17 Reviewed-by: sangge <sangge@noreply.localhost> Reviewed-by: dqy <dqy@noreply.localhost>	2024-05-18 20:51:51 +08:00
sangge	594e0934e5	Merge branch 'main' into doc/python-binding Some checks failed Python application test / build (pull_request) Failing after 15m14s	2024-05-14 19:54:49 +08:00
sangge-redmi	3e0dd66d31	doc: add project's banner Some checks are pending Python application test / build (pull_request) Waiting to run	2024-05-14 17:50:16 +08:00
sangge-redmi	24206b13af	feat: add git lfs	2024-05-14 17:49:28 +08:00
ccyj	3c7e5f4c3d	doc：增加检测Python对其他语言的封装 Some checks are pending Python application test / build (pull_request) Waiting to run	2024-05-11 21:37:35 +08:00
ccyj	4bbe8ea62f	doc：增加检测Python对其他语言的封装 Some checks failed Python application test / build (pull_request) Failing after 12m6s	2024-05-05 20:12:43 +08:00