1 point by matteopisani 3 hours ago | 1 comment
  • matteopisani 3 hours ago
    PolyMorph tackles a modern blind spot in malware detection: polyglot binaries that are valid in multiple formats (APE, Zig, WASM) and intentionally crafted to evade AV/EDR. If you care about threat hunting, red-team tooling, or hardening supply chains, this repo is a compact, pragmatic tool for finding cross-platform threats and WASM cryptominers that slip past signature-based scanners. GitHub

    What it does:
    • Detects APE (Actually Portable Executable) polyglots that can run on multiple OSes, Zig-based evasive payloads that use direct syscalls, and malicious WASM modules (cryptomining & GPU abuse).
    • Lightweight Rust implementation with YARA rules and CLI examples for batch and JSON output, designed for integration into pipelines and triage tooling.
    • Goal: give analysts a first-pass detector that flags suspicious imports, cryptominer patterns, and multi-format trickery so you can prioritize deeper analysis.

    Looking for feedback: would YC Cybersecurity folks and fellow infosec hackers be interested in integrating PolyMorph into threat-hunting stacks or extending it into a lightweight runtime sandbox for behavioral correlation?
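As an added illustration of the "multi-format trickery" first-pass check the post describes, here is a small Rust probe that is not PolyMorph's own code: it tests a byte buffer against the public magic values of PE (an `MZ` stub whose `e_lfanew` points at `PE\0\0`), ELF (`\x7fELF`), WebAssembly (`\0asm` plus version 1) and Cosmopolitan's APE (the `MZqFpD` stub with an ELF header embedded later in the file), and flags any buffer that satisfies more than one container as a polyglot. The APE check is a heuristic chosen for this example, the sample buffers are constructed inline, and the JSON line is hand-formatted so the block needs no external crates.

```rust
// Added example (not PolyMorph's code): multi-format header probe with a
// polyglot flag and a JSON summary suitable for piping into triage tooling.
// Sample inputs below are constructed for the example, not real samples.

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum Format {
    Pe,
    Elf,
    Wasm,
    Ape,
}

/// PE: DOS "MZ" stub whose e_lfanew (offset 0x3c, u32 LE) points at "PE\0\0".
fn is_pe(buf: &[u8]) -> bool {
    if buf.len() < 0x40 || !buf.starts_with(b"MZ") {
        return false;
    }
    let e_lfanew = u32::from_le_bytes([buf[0x3c], buf[0x3d], buf[0x3e], buf[0x3f]]) as usize;
    // Bounds check before slicing so a hostile e_lfanew cannot panic the scanner.
    match e_lfanew.checked_add(4) {
        Some(end) if end <= buf.len() => &buf[e_lfanew..end] == b"PE\0\0",
        _ => false,
    }
}

/// ELF: the file begins with the ELF magic.
fn is_elf(buf: &[u8]) -> bool {
    buf.starts_with(b"\x7fELF")
}

/// WebAssembly: magic "\0asm" followed by binary-format version 1 (u32 LE).
fn is_wasm(buf: &[u8]) -> bool {
    buf.starts_with(b"\0asm\x01\0\0\0")
}

/// APE heuristic (assumption for this example): Cosmopolitan's "MZqFpD" stub,
/// which is both a DOS header and the start of a shell script, plus an ELF
/// header embedded somewhere after it.
fn is_ape(buf: &[u8]) -> bool {
    buf.starts_with(b"MZqFpD") && buf.windows(4).any(|w| w == b"\x7fELF")
}

/// Every container format the buffer is valid for, in a fixed order.
pub fn detect_formats(buf: &[u8]) -> Vec<Format> {
    let mut out = Vec::new();
    if is_pe(buf) {
        out.push(Format::Pe);
    }
    if is_elf(buf) {
        out.push(Format::Elf);
    }
    if is_wasm(buf) {
        out.push(Format::Wasm);
    }
    if is_ape(buf) {
        out.push(Format::Ape);
    }
    out
}

/// A buffer that parses as more than one container is a polyglot candidate.
pub fn is_polyglot(buf: &[u8]) -> bool {
    detect_formats(buf).len() > 1
}

/// One JSON object per file, hand-formatted to avoid a serde dependency.
pub fn summary_json(name: &str, buf: &[u8]) -> String {
    let formats: Vec<String> = detect_formats(buf)
        .iter()
        .map(|f| format!("\"{:?}\"", f))
        .collect();
    format!(
        "{{\"file\":\"{}\",\"formats\":[{}],\"polyglot\":{}}}",
        name,
        formats.join(","),
        is_polyglot(buf)
    )
}

/// Constructed sample: APE-style stub with a valid PE pointer and an embedded ELF magic.
pub fn sample_ape() -> Vec<u8> {
    let mut v = vec![0u8; 0x40];
    v[..6].copy_from_slice(b"MZqFpD");
    v[0x3c..0x40].copy_from_slice(&0x40u32.to_le_bytes()); // e_lfanew -> 0x40
    v.extend_from_slice(b"PE\0\0");
    v.extend_from_slice(&[0u8; 16]);
    v.extend_from_slice(b"\x7fELF");
    v
}

/// Constructed sample: a bare WebAssembly header, a single-format file.
pub fn sample_wasm() -> Vec<u8> {
    b"\0asm\x01\0\0\0".to_vec()
}

fn main() {
    println!("{}", summary_json("sample.ape", &sample_ape()));
    println!("{}", summary_json("sample.wasm", &sample_wasm()));
}
```

Run as-is to see one JSON line per constructed sample; in a pipeline you would replace the sample buffers with file contents read from disk and feed the `polyglot` field into your triage rules.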