Merge branch 'master' into dynamic-feature-extraction

2026-02-04 19:12:01 -08:00 · 2023-11-29 16:17:09 +01:00
parent 3c159a1f52 7db40c3af8
commit 73ea822123
5 changed files with 51 additions and 16 deletions
--- a/.github/workflows/pip-audit.yml
+++ b/.github/workflows/pip-audit.yml
@@ -0,0 +1,21 @@
+name: PIP audit
+
+on:
+  schedule:
+  - cron: '0 8 * * 1'
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    timeout-minutes: 20
+    strategy:
+      matrix:
+        python-version: ["3.11"]
+
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+
+      - uses: pypa/gh-action-pip-audit@v1.0.8
+        with:
+          inputs: .
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,7 +22,7 @@
 - update freeze format to v3, adding support for dynamic analysis @williballenthin
 - extractor: ignore DLL name for api features #1815 @mr-tz

-### New Rules (19)
+### New Rules (34)

 - nursery/get-ntoskrnl-base-address @mr-tz
 - host-interaction/network/connectivity/set-tcp-connection-state @johnk3r
@@ -43,6 +43,20 @@
 - host-interaction/process/inject/allocate-or-change-rwx-memory @mr-tz
 - lib/allocate-or-change-rw-memory 0x534a@mailbox.org @mr-tz
 - lib/change-memory-protection @mr-tz
+- anti-analysis/anti-av/patch-antimalware-scan-interface-function jakub.jozwiak@mandiant.com
+- executable/dotnet-singlefile/bundled-with-dotnet-single-file-deployment sara.rincon@mandiant.com
+- internal/limitation/file/internal-dotnet-single-file-deployment-limitation sara.rincon@mandiant.com
+- data-manipulation/encoding/encode-data-using-add-xor-sub-operations jakub.jozwiak@mandiant.com
+- nursery/access-camera-in-dotnet-on-android michael.hunhoff@mandiant.com
+- nursery/capture-microphone-audio-in-dotnet-on-android michael.hunhoff@mandiant.com
+- nursery/capture-screenshot-in-dotnet-on-android michael.hunhoff@mandiant.com
+- nursery/check-for-incoming-call-in-dotnet-on-android michael.hunhoff@mandiant.com
+- nursery/check-for-outgoing-call-in-dotnet-on-android michael.hunhoff@mandiant.com
+- nursery/compiled-with-xamarin michael.hunhoff@mandiant.com
+- nursery/get-os-version-in-dotnet-on-android michael.hunhoff@mandiant.com
+- data-manipulation/compression/create-cabinet-on-windows michael.hunhoff@mandiant.com jakub.jozwiak@mandiant.com
+- data-manipulation/compression/extract-cabinet-on-windows jakub.jozwiak@mandiant.com
+- lib/create-file-decompression-interface-context-on-windows jakub.jozwiak@mandiant.com
 -

 ### Bug Fixes
--- a/README.md
+++ b/README.md
@@ -2,7 +2,7 @@

 [![PyPI - Python Version](https://img.shields.io/pypi/pyversions/flare-capa)](https://pypi.org/project/flare-capa)
 [![Last release](https://img.shields.io/github/v/release/mandiant/capa)](https://github.com/mandiant/capa/releases)
-[![Number of rules](https://img.shields.io/badge/rules-847-blue.svg)](https://github.com/mandiant/capa-rules)
+[![Number of rules](https://img.shields.io/badge/rules-859-blue.svg)](https://github.com/mandiant/capa-rules)
 [![CI status](https://github.com/mandiant/capa/workflows/CI/badge.svg)](https://github.com/mandiant/capa/actions?query=workflow%3ACI+event%3Apush+branch%3Amaster)
 [![Downloads](https://img.shields.io/github/downloads/mandiant/capa/total)](https://github.com/mandiant/capa/releases)
 [![License](https://img.shields.io/badge/license-Apache--2.0-green.svg)](LICENSE.txt)
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -37,18 +37,18 @@ dependencies = [
    "tabulate==0.9.0",
    "colorama==0.4.6",
    "termcolor==2.3.0",
-    "wcwidth==0.2.8",
+    "wcwidth==0.2.12",
    "ida-settings==2.1.0",
    "viv-utils[flirt]==0.7.9",
    "halo==0.0.31",
    "networkx==3.1",
-    "ruamel.yaml==0.17.35",
+    "ruamel.yaml==0.18.5",
    "vivisect==1.1.1",
    "pefile==2023.2.7",
    "pyelftools==0.30",
    "dnfile==0.14.1",
    "dncil==1.0.2",
-    "pydantic==2.1.1",
+    "pydantic==2.4.0",
    "protobuf==4.23.4",
 ]
 dynamic = ["version"]
@@ -62,25 +62,25 @@ packages = ["capa"]
 [project.optional-dependencies]
 dev = [
    "pre-commit==3.5.0",
-    "pytest==7.4.2",
+    "pytest==7.4.3",
    "pytest-sugar==0.9.7",
    "pytest-instafail==0.5.0",
    "pytest-cov==4.1.0",
    "flake8==6.1.0",
-    "flake8-bugbear==23.9.16",
-    "flake8-encodings==0.5.0.post1",
+    "flake8-bugbear==23.11.26",
+    "flake8-encodings==0.5.1",
    "flake8-comprehensions==3.14.0",
    "flake8-logging-format==0.9.0",
-    "flake8-no-implicit-concat==0.3.4",
+    "flake8-no-implicit-concat==0.3.5",
    "flake8-print==5.0.0",
    "flake8-todos==0.3.0",
    "flake8-simplify==0.21.0",
    "flake8-use-pathlib==0.3.0",
    "flake8-copyright==0.2.4",
-    "ruff==0.0.291",
-    "black==23.9.1",
+    "ruff==0.1.6",
+    "black==23.11.0",
    "isort==5.11.4",
-    "mypy==1.6.0",
+    "mypy==1.7.1",
    "psutil==5.9.2",
    "stix2==3.0.1",
    "requests==2.31.0",
@@ -92,12 +92,12 @@ dev = [
    "types-tabulate==0.9.0.3",
    "types-termcolor==1.1.4",
    "types-psutil==5.8.23",
-    "types_requests==2.31.0.2",
+    "types_requests==2.31.0.10",
    "types-protobuf==4.23.0.3",
 ]
 build = [
-    "pyinstaller==6.1.0",
-    "setuptools==68.0.0",
+    "pyinstaller==6.2.0",
+    "setuptools==69.0.2",
    "build==1.0.3"
 ]

--- a/2
+++ b/2