A C# plugin could integrate with YARA rules. Upon loading a binary, the plugin hashes the selection and checks it against a local YARA rule set, highlighting malicious byte sequences directly in the hex view using color-coded backgrounds.