- Completely rewrite README.md with comprehensive project overview and technical details
- Add detailed explanation of antivirus engine architecture and detection strategies
- Implement multi-stage malware detection with machine learning, sandbox, and PE structure analysis
- Update project configuration and add new source files for enhanced detection capabilities
- Integrate XGBoost machine learning model with C++ export functionality
- Improve sandbox environment with advanced module and LDR data table handling
- Remove legacy Python prediction and training scripts in favor of C++ implementation
- Extract SEH-based import library parsing into a separate function for better modularity
- Add new processImportWithSEH and processImportWithSEH_Internal functions to handle import parsing safely
- Update README.md with more detailed project description and initial engine classification
- Improve error handling and exception management during PE import directory traversal
- Standardize library name processing with lowercase transformation
- Add size validation to prevent potential DoS attacks
- Implement a maximum file size limit of 2GB
- Add exception handling to prevent access violations
- Improve robustness of byte frequency calculation
- Add basic input validation for data and size parameters
- Add robust boundary and size validation for Rich header parsing
- Prevent potential buffer overread with controlled search area
- Implement additional checks to handle maliciously crafted PE files
- Limit Rich header search to a maximum reasonable size
- Ensure safe memory access during signature detection
- Added ParseRichHeader method to extract Rich header information from PE files
- Defined RichEntry and RichHeaderInfo structures to store Rich header details
- Implemented decoding of Rich header entries with checksum XOR technique
- Updated ml.h and ml.cpp to support Rich header parsing
- Improved error handling and logging in ProcessDirectory method
- Translated some log messages to English for consistency
- Added null pointer and boundary checks in ExtractFeatures method
- Prevent potential buffer overread when searching for Rich header signature
- Improve robustness of feature extraction for PE file analysis
- Implemented MachineLearning class with ExtractFeatures method
- Updated project files to include new machine learning source and header files
- Modified main executable to call feature extraction
- Updated VSCode settings to include additional C++ headers
- Commented out previous file dumping code in main function
