Detector class allows to abstract detection tools, based on the
Base class and adding a special detection method called
check(formats): for checking if the detector applies for the input executable formats
detect(executable_or_folder_or_dataset): for detecting the packer used on an input executable, folder of executables or
test(executable_or_folder_or_dataset): for testing the detector(s) on an input executable, folder of executables or
Using as a class or an instance
The behavior of the detection method is different depending on the object it is called from. If calling it from:
Detectorclass: all the available detectors in
Detector.registrywith the attribute
vote=Trueare used and the label is determined based on a decision heuristic.
Detectorinstance: the particular detector (e.g.
Multiple valid input types
These functions are decorated with a special function that allows to input either a single executable, a folder of executables or a dataset containing a "
files" folder with executables.