Ana Maria Martinez Gomez
3cd97ae9f2
[copyright + license] Fix headers
Replace the header from source code files using the following script:
```Python
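import os
import re

# OLD_HEADER (bytes regex with a `year` group) and NEW_HEADER (bytes template)
# are not shown in this message; both must be bytes because files are opened in binary mode.
for dir_path, dir_names, file_names in os.walk("capa"):
    for file_name in file_names:
        # headers are only in `.py` and `.toml` files
        if file_name[-3:] not in (".py", "oml"):
            continue
        file_path = f"{dir_path}/{file_name}"
        with open(file_path, "rb+") as f:
            content = f.read()
            m = re.search(OLD_HEADER, content)
            if not m:
                continue
            print(f"{file_path}: {m.group('year')}")
            content = content.replace(m.group(0), NEW_HEADER % m.group("year"))
            f.seek(0)
            f.write(content)
            # drop leftover bytes if the new content is shorter than the old
            f.truncate()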
```
Some files had the copyright headers inside a `"""` comment and needed
manual changes before applying the script. `hook-vivisect.py` and
`pyinstaller.spec` didn't include the license in the header and also
needed manual changes.
The old header had the confusing sentence `All rights reserved`, which
does not make sense for an open source license. Replace the header with
the default Google header that corrects this issue and keeps capa
consistent with other Google projects.
Adapt the linter to work with the new header.
Also replace the copyright text in the `web/public/index.html` file for
consistency.
2025-01-15 08:52:42 -07:00
Mike Hunhoff
31ec208a9b
dynamic: cape: fix A/W API detection
2024-09-26 14:27:45 -06:00
Yacine
cf3494d427
Add a Feature Extractor for the Drakvuf Sandbox (#2143)
* initial commit
* update changelog
* Update CHANGELOG.md
* Update pyproject.toml
* Apply suggestions from code review: Typos
Co-authored-by: Vasco Schiavo <115561717+VascoSch92@users.noreply.github.com>
* capa/helpers.py: update if/else statement
Co-authored-by: Vasco Schiavo <115561717+VascoSch92@users.noreply.github.com>
* loader.py: replace print() statement with log.info()
* Update capa/features/extractors/drakvuf/models.py
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
* extractors/drakvuf/call.py: yield arguments right to left
* extractors/drakvuf/file.py: add a TODO comment for extracting more file features
* extractors/drakvuf/global_.py: add arch extraction
* extractors/drakvuf/helpers.py: ignore null pids
* capa/helpers.py: mention msgspec.json explicitly
* capa/helpers.py: generalize empty sandbox reports error logging
* capa/loader.py: log jsonl garbage collection into debug
* features/extractors/drakvuf/models.py: add documentation for SystemCall class
* capa/main.py: fix erroneous imports
* drakvuf extractor: fixed faulty type annotations
* fix black formatting
* fix flake8 issues
* drakvuf file extraction: add link to tracking issue
* drakvuf reports: add the ability to read gzip-compressed report files
* capa/helpers.py: fix mypy issues
* apply review comments
* drakvuf/helpers.py: add more information about null pid
* drakvuf/file.py: remove discovered_dlls file strings extraction
* capa/helpers.py: add comments for the dynamic extensions
* capa/helpers.py: log bad lines
* capa/helpers.py: add gzip support for reading one jsonl line
* drakvuf/helpers.py: add comment for sort_calls()
* tests/fixtures.py: add TODO for unifying CAPE and Drakvuf tests
* drakvuf/models.py: add TODO comment for supporting more drakvuf plugins
* tests/fixtures.py: remove obsolete file strings tests
* Update capa/main.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update capa/features/extractors/drakvuf/models.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update capa/features/extractors/drakvuf/models.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update capa/features/extractors/drakvuf/call.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update CHANGELOG.md
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update capa/features/extractors/drakvuf/helpers.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* review comments
* Update capa/features/extractors/drakvuf/extractor.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* Update capa/features/extractors/drakvuf/models.py
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
* styling
* drakvuf/extractor.py: black linting
* drakvuf/models.py: remove need to empty report checking
* tests: add drakvuf models test
* Update capa/features/extractors/drakvuf/global_.py
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
* Update tests/test_cape_features.py
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
* Update capa/features/extractors/drakvuf/models.py
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
* Apply suggestions from code review: rename Drakvuf to DRAKVUF
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
* drakvuf/call.py: use int(..., 0) instead of str_to_number()
* remove str_to_number
* drakvuf/call.py: yield argument memory address value as well
* Update call.py: remove verbosity in yield statement
* Update call.py: yield missing address as well
* drakvuf/call.py: yield entire argument string only
* update readme.md
* Update README.md: typo
* Update CHANGELOG.md
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
---------
Co-authored-by: Vasco Schiavo <115561717+VascoSch92@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
Co-authored-by: msm-cert <156842376+msm-cert@users.noreply.github.com>
2024-07-24 14:22:21 +02:00
Yacine Elhamer
d520bfc753
fix bugs and add copyrights
2023-07-20 11:19:54 +01:00
Yacine Elhamer
301b10d261
fix style issues
2023-07-20 10:52:43 +01:00
Willi Ballenthin
7f57fccefb
fix lints after sync with master
2023-07-10 02:55:50 +02:00
Yacine Elhamer
31a349b13b
cape feature tests: fix feature count function typo
2023-06-20 13:21:52 +01:00
Yacine Elhamer
98e7acddf4
fix codestyle issues
2023-06-19 16:59:27 +01:00
Yacine Elhamer
a04512d7b8
add unit tests for the cape feature extractor
2023-06-19 16:43:54 +01:00