Rule $concat_with_spaces causes a lot of false positives

Question

scottcwilson opened this issue 6 years ago · 3 comments

I wonder if there's a better way of doing this.

Answer 1 · 2019-07-04T20:08:22.000Z

Feel free to issue a PR if you come up with a better solution :)

Answer 2 · 2019-07-04T20:10:34.000Z

Can you show me some true positives that this catches? I would need something to verify my work.

Answer 3 · 2019-07-04T20:12:47.000Z

Something like "s". "y" ."st"."e"."m(". I guess, or $a.$b.$c.$d. $cd, or "sy" . $s . "em(" . $BinA_ry .")"