fixed imports and dependencies

__init__.py

@@ -1,22 +1,22 @@
 from binaryninja import PluginCommand
 
-from obfuscation_detection import detect_obfuscation
-from obfuscation_detection import heuristics
+from .obfuscation_detection import detect_obfuscation
+from .obfuscation_detection.heuristics import *
 
 PluginCommand.register("Obfuscation Detection\\All",
                        "Detects obfuscated code via heuristics", detect_obfuscation)
 
 PluginCommand.register("Obfuscation Detection\\Flattened Functions",
-                       "Heuristic to detect flattened functions", heuristics.find_flattened_functions)
+                       "Heuristic to detect flattened functions", find_flattened_functions)
 
 PluginCommand.register("Obfuscation Detection\\Complex Functions",
-                       "Heuristic to detect complex functions", heuristics.find_complex_functions)
+                       "Heuristic to detect complex functions", find_complex_functions)
 
 PluginCommand.register("Obfuscation Detection\\Large Basic Blocks",
-                       "Heuristic to detect functions with large basic blocks", heuristics.find_large_basic_blocks)
+                       "Heuristic to detect functions with large basic blocks", find_large_basic_blocks)
 
 PluginCommand.register("Obfuscation Detection\\Instruction Overlapping",
-                       "Heuristic to detect instruction overlapping", heuristics.find_instruction_overlapping)
+                       "Heuristic to detect instruction overlapping", find_instruction_overlapping)
 
 PluginCommand.register("Obfuscation Detection\\Uncommon Instruction Sequences",
-                       "Heuristic to detect uncommon instruction sequences", heuristics.find_uncommon_instruction_sequences)
+                       "Heuristic to detect uncommon instruction sequences", find_uncommon_instruction_sequences)

obfuscation_detection/__init__.py

@@ -11,8 +11,8 @@ def detect_obfuscation(bv):
     # find large basic blocks
     find_large_basic_blocks(bv)
 
-    # find overlapping instructions
-    find_instruction_overlapping(bv)
-
     # find uncommon instruction sequences
     find_uncommon_instruction_sequences(bv)
+
+    # find overlapping instructions
+    find_instruction_overlapping(bv)

obfuscation_detection/heuristics.py

@@ -2,7 +2,7 @@
 
 from binaryninja import highlight
 
-from obfuscation_detection.utils import *
+from .utils import *
 
 
 def find_flattened_functions(bv):

obfuscation_detection/ngrams.py

@@ -1,5 +1,3 @@
-from collections import Counter
-
 # 1k most common 3-grams of x86_64
 MOST_COMMON_3GRAMS = {'addaddadd',
                       'addaddcmp',

obfuscation_detection/utils.py

@@ -1,7 +1,7 @@
 from collections import Counter
 from math import ceil
 
-from obfuscation_detection.ngrams import MOST_COMMON_3GRAMS
+from .ngrams import MOST_COMMON_3GRAMS
 
 
 def calc_flattening_score(function):