gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-05 20:40:05 -08:00
Code Issues Packages Projects Releases Wiki Activity
5,848 Commits 42 Branches 48 Tags
master
Commit Graph

5848 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Capa Bot
6e68034d57 Sync capa rules submodule 2025-03-10 20:19:50 +00:00
Capa Bot
0df50f5d54 Sync capa-testfiles submodule 2025-03-10 19:51:07 +00:00
Capa Bot
f1131750cc Sync capa rules submodule 2025-03-10 19:48:37 +00:00
dependabot[bot]
077082a376 build(deps): bump humanize from 4.10.0 to 4.12.0 (#2606) 
Bumps [humanize](https://github.com/python-humanize/humanize) from 4.10.0 to 4.12.0.
- [Release notes](https://github.com/python-humanize/humanize/releases)
- [Commits](https://github.com/python-humanize/humanize/compare/4.10.0...4.12.0)

---
updated-dependencies:
- dependency-name: humanize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2025-03-10 13:03:59 -06:00
dependabot[bot]
86318093da build(deps-dev): bump vitest from 1.6.0 to 1.6.1 in /web/explorer (#2608) 
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.6.1/packages/vitest)

---
updated-dependencies:
- dependency-name: vitest
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2025-03-10 12:45:16 -06:00
dependabot[bot]
4ee8a7c6b1 build(deps): bump setuptools from 75.8.0 to 76.0.0 (#2621) 
Bumps [setuptools](https://github.com/pypa/setuptools) from 75.8.0 to 76.0.0.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v75.8.0...v76.0.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-10 12:44:49 -06:00
Capa Bot
151d30bec6 Sync capa rules submodule 2025-03-05 20:56:46 +00:00
Willi Ballenthin
3bd339522e v9.1.0 (#2614) 
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
v9.1.0 		2025-03-04 13:24:03 -07:00
Mike Hunhoff
7ecf292095 render: don't assume prior matches exist within thread (#2612) 
* render: don't assume prior matches exist within thread

* update CHANGELOG

* update comments
 2025-03-03 17:49:03 -07:00
Capa Bot
45ea683d19 Sync capa-testfiles submodule 2025-02-26 08:56:48 +00:00
Capa Bot
2b95fa089d Sync capa rules submodule 2025-02-25 15:59:41 +00:00
Mike Hunhoff
d3d71f97c8 vmray: only verify process OS and monitor ID match (#2613) 2025-02-24 14:14:05 -07:00
Willi Ballenthin
4c9d81072a main: don't require rules to render result document directly (#2611) 2025-02-24 17:47:00 +01:00
Capa Bot
a94c68377a Sync capa rules submodule 2025-02-22 19:41:30 +00:00
Capa Bot
14e076864c Sync capa-testfiles submodule 2025-02-22 19:13:14 +00:00
Capa Bot
6684f9f890 Sync capa rules submodule 2025-02-21 19:37:24 +00:00
dependabot[bot]
e622989eeb build(deps): bump psutil from 6.1.0 to 7.0.0 (#2605) 
Bumps [psutil](https://github.com/giampaolo/psutil) from 6.1.0 to 7.0.0.
- [Changelog](https://github.com/giampaolo/psutil/blob/master/HISTORY.rst)
- [Commits](https://github.com/giampaolo/psutil/compare/release-6.1.0...release-7.0.0)

---
updated-dependencies:
- dependency-name: psutil
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2025-02-21 10:26:04 -07:00
Capa Bot
9c9dd15bf9 Sync capa rules submodule 2025-02-21 16:29:46 +00:00
Capa Bot
06fad4a89e Sync capa-testfiles submodule 2025-02-21 12:17:50 +00:00
Capa Bot
e06a0ab75f Sync capa rules submodule 2025-02-21 12:16:25 +00:00
Capa Bot
0371ade358 Sync capa rules submodule 2025-02-20 22:18:12 +00:00
dependabot[bot]
80b5a116a5 build(deps): bump pygithub from 2.5.0 to 2.6.0 (#2604) 
Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.5.0 to 2.6.0.
- [Release notes](https://github.com/pygithub/pygithub/releases)
- [Changelog](https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst)
- [Commits](https://github.com/pygithub/pygithub/compare/v2.5.0...v2.6.0)

---
updated-dependencies:
- dependency-name: pygithub
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-20 12:50:10 -07:00
dependabot[bot]
9a270e6bdd build(deps): bump pyinstaller from 6.11.1 to 6.12.0 (#2602) 
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.11.1 to 6.12.0.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](https://github.com/pyinstaller/pyinstaller/compare/v6.11.1...v6.12.0)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2025-02-19 20:35:07 +01:00
dependabot[bot]
8773bc77ab build(deps): bump mypy from 1.14.1 to 1.15.0 (#2601) 
Bumps [mypy](https://github.com/python/mypy) from 1.14.1 to 1.15.0.
- [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md)
- [Commits](https://github.com/python/mypy/compare/v1.14.1...v1.15.0)

---
updated-dependencies:
- dependency-name: mypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2025-02-19 20:34:51 +01:00
Mike Hunhoff
a278bf593a cape: models: parse minimum fields required for analysis (#2607) 
* cape: models: parse minimum fields required for analysis

* update CHANGELOG
 2025-02-19 08:55:12 -07:00
Capa Bot
f85cd80d90 Sync capa rules submodule 2025-02-11 09:25:04 +00:00
Willi Ballenthin
736ad1cbc8 version v9 (#2590) 
* v9.0.0

* changelog: remove testing rule file

* changelog: v9

* changelog: v9

* update homepage with v9 release
v9.0.0 		2025-02-05 09:41:32 +01:00
Capa Bot
bc4cfb8111 Sync capa rules submodule 2025-02-04 20:50:02 +00:00
Capa Bot
93ec5425f7 Sync capa rules submodule 2025-02-04 20:49:39 +00:00
Capa Bot
245d8dd6ed Sync capa rules submodule 2025-02-04 20:48:27 +00:00
Willi Ballenthin
40203a0f83 Fix/tests in master (#2592) 2025-02-04 21:48:13 +01:00
Willi Ballenthin
5467fac1a5 Fix/lints in master (#2589) 
* requirements: fix yanked protobuf version

* binja: insn: fix lints
 2025-02-04 12:08:24 +01:00
Capa Bot
ced9516bb4 Sync capa rules submodule 2025-02-04 09:23:30 +00:00
vibhatsu
a8e8935212 Replace binascii and struct with native Python methods (#2582) 
* refactor: replace binascii with bytes for hex conversions

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor: replace struct unpacking with bytes conversion

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* simplify byte extraction for ELF header

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* Revert "refactor: replace struct unpacking with bytes conversion"

This reverts commit 483f8c9a85.

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

---------

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
 2025-02-04 09:53:36 +01:00
dependabot[bot]
96f9e7cffc build(deps): bump black from 24.10.0 to 25.1.0 (#2586) 
Bumps [black](https://github.com/psf/black) from 24.10.0 to 25.1.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/24.10.0...25.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
 2025-02-04 09:52:14 +01:00
dependabot[bot]
ef6bff3267 build(deps): bump isort from 5.13.2 to 6.0.0 (#2585) 
Bumps [isort](https://github.com/pycqa/isort) from 5.13.2 to 6.0.0.
- [Release notes](https://github.com/pycqa/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/pycqa/isort/compare/5.13.2...6.0.0)

---
updated-dependencies:
- dependency-name: isort
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
 2025-02-04 09:51:27 +01:00
Capa Bot
b6171cf96b Sync capa rules submodule 2025-02-04 08:32:52 +00:00
Capa Bot
38c813e063 Sync capa rules submodule 2025-02-03 18:55:40 +00:00
Willi Ballenthin
6d19226ee9 rules: scopes can now have subscope blocks with same scope (#2584) 2025-02-03 19:54:05 +01:00
Dhruva Kumar Kaushal
923e5e1130 use _yield from []_ to create empty generator when needed #2572 (#2581) 
* use _yield from []_ to create empty generator when needed #2572

* Update PR with fixes

* solved CI code style error

* Fixed formatting with black

* Fixed formatting with black

* code styles error

* code styles error

* code styles error

* code style error

* Update capa-rules submodule to master

* Similar changes to other files

---------

Co-authored-by: Willi Ballenthin <wballenthin@google.com>
 2025-02-03 16:25:59 +01:00
vibhatsu
cff8a6ac87 Feat/warn for dynamic dotnet (#2568) 
* add warning for dynamic dotnet samples

* format passing

* update CHANGELOG

* minor bug fix

* refactor: add static and dynamic limitation checks to capabilites

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor: rename file limitation checks to static limitation checks

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* reformatting

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor: separate static and dynamic limitation rule checks, remove comments

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* enhance capability handling with new Capabilities dataclass and update related functions

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor: reorganize limitation rule functions

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

---------

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
 2025-02-03 11:48:02 +01:00
vibhatsu
2798d605bc add lint for duplicate feature under a statement (#2573) 
* add lint for duplicate feature under a statement

* add support for more scopes

* fix format for duplicate feature lint

* fix false positives for duplicate features lint

* remove unused code and comments

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor duplicate feature lint to use yaml parser

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* clarify for using rule definition

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* update CHANGELOG

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

* refactor duplicate feature lint to improve key generation and tracking of line numbers

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>

---------

Signed-off-by: vibhatsu <maulikbarot2915@gmail.com>
 2025-01-31 10:05:53 +01:00
Capa Bot
91d0d8c212 Sync capa rules submodule 2025-01-29 17:55:01 +00:00
Willi Ballenthin
618a5fa2e5 pyproject: remove pytest-cov 
closes #2491
 2025-01-29 18:54:42 +01:00
Willi Ballenthin
712e35c6f7 feat: add lint to validate rule dependency scope compatibility 
closes #2124
 2025-01-29 18:53:30 +01:00
Capa Bot
83ec75c49d Sync capa rules submodule 2025-01-29 09:41:14 +00:00
Willi Ballenthin
990fd20757 update submodules 2025-01-29 02:25:06 -07:00
Willi Ballenthin
caae77dab6 vverbose: don't render full ppid/pid/tid in nested blocks, only callid 2025-01-29 02:25:06 -07:00
Willi Ballenthin
4f844533c5 vverbose: don't use plural "calls" when there's a single call 2025-01-29 02:25:06 -07:00
Willi Ballenthin
9a0c4f712d vverbose: fix rendering of span-of-calls summaries 
https://github.com/mandiant/capa/pull/2532#discussion_r1920711965

vverbose: fix collection of span-of-calls call match locations
 2025-01-29 02:25:06 -07:00