gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-17 18:07:47 -08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' into find-dynamic-capabilities

Browse Source
This commit is contained in:
Yacine Elhamer
2023-07-20 20:02:49 +01:00
parent 7de223f116 5ae588deaa
commit 1029b369f2
141 changed files with 1054 additions and 756 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
scripts/show-capabilities-by-function.py
View File

@@ -1,4 +1,11 @@
#!/usr/bin/env python2
# Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at: [package root]/LICENSE.txt
# Unless required by applicable law or agreed to in writing, software distributed under the License
# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and limitations under the License.
"""
show-capabilities-by-function
@@ -40,7 +47,7 @@ Example::
- connect TCP socket
...
Copyright (C) 2020 Mandiant, Inc. All Rights Reserved.
Copyright (C) 2023 Mandiant, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at: [package root]/LICENSE.txt
@@ -54,6 +61,7 @@ import logging
import argparse
import collections
from typing import Dict
from pathlib import Path
import colorama
@@ -138,7 +146,7 @@ def main(argv=None):
capa.main.handle_common_args(args)
try:
taste = get_file_taste(args.sample)
taste = get_file_taste(Path(args.sample))
except IOError as e:
logger.error("%s", str(e))
return -1
@@ -161,8 +169,7 @@ def main(argv=None):
if (args.format == "freeze") or (args.format == FORMAT_AUTO and capa.features.freeze.is_freeze(taste)):
format_ = "freeze"
with open(args.sample, "rb") as f:
extractor: FeatureExtractor = capa.features.freeze.load(f.read())
extractor: FeatureExtractor = capa.features.freeze.load(Path(args.sample).read_bytes())
else:
format_ = args.format
should_save_workspace = os.environ.get("CAPA_SAVE_WORKSPACE") not in ("0", "no", "NO", "n", None)