009368f278
removing empty structural expressions from tree view
2020-06-26 14:38:14 -06:00
68736a07f6
Merge pull request #29 from fireeye/default-sort-capa-explorer
...
capa explorer tree view default to sorted asc, trim regex matches
2020-06-26 11:51:18 -06:00
540f68c5c7
tree view default to sorted asc, trim regex matches
2020-06-26 11:28:11 -06:00
7ff69097db
Merge pull request #27 from fireeye/fix/dont-show-subscope-rules
...
do not display subscope rules in any mode
2020-06-26 11:20:25 -06:00
dcd66f41fa
do not display subscope rules in any mode
2020-06-26 16:19:07 +02:00
b973d7fc50
Merge pull request #26 from fireeye/vverbose-output-scope-enhancement
...
enhancements for displaying relevant scope data for vverbose and verbose display
2020-06-25 13:47:00 -06:00
e1f924ffd1
tweak verbose display to remove empty va addresses for file scope
2020-06-25 13:39:05 -06:00
4740bf576b
Merge branch 'master' into vverbose-output-scope-enhancement
2020-06-25 13:23:00 -06:00
9d5ecadf95
adding support to display appropriate scope name in vverbose mode
2020-06-25 13:22:07 -06:00
290af74368
Merge pull request #17 from fireeye/add-warnings-dialog-capa-explorer
...
adding new checks for file format limitations in capa explorer plugin
2020-06-25 21:07:13 +02:00
25f0262748
moving code around for supported file type dialouge in standalone tool and capa explorer
2020-06-25 11:09:47 -06:00
a5004b2014
adding support checks for AMD64/binary files in capa explorer and capa main
2020-06-25 10:05:19 -06:00
83dbf81d2b
adding new checks for file format limitations in capa explorer plugin
2020-06-24 16:29:30 -06:00
9842ae6c8f
Merge pull request #10 from fireeye/doc/code-review-improvements
...
update documentation
2020-06-24 08:23:12 -06:00
53f374024b
Merge branch 'master' into doc/code-review-improvements
2020-06-24 08:22:52 -06:00
fb6d8354bd
Merge pull request #11 from fireeye/mr-tz-update-setup-hooks
...
Update setup-hooks.sh
2020-06-24 08:17:02 -06:00
3defaf0d22
Merge pull request #13 from fireeye/all-the-single-quotes
...
double to single quotes
2020-06-24 08:15:58 -06:00
beba3fb3c7
double to single quotes
2020-06-24 15:00:35 +02:00
95b3b129ec
Update setup-hooks.sh
2020-06-24 14:29:50 +02:00
730f0b21fe
document -t (tag) option
2020-06-24 13:23:46 +02:00
d3d7070e95
Merge pull request #9 from fireeye/ana-build
...
Remove Build Status from README
2020-06-24 13:01:20 +02:00
d2d1f26e7b
update documentation
2020-06-24 12:55:35 +02:00
72b6ee5cf3
Remove Build Status from README
...
This should have been removed as part of the migration. The build status
in the README will be reimplemented using GitHub Actions and
https://shields.io
2020-06-24 12:31:01 +02:00
fa9bb946ed
Merge pull request #1 from fireeye/ana-hooks
...
Add hooks for running linters and tests
2020-06-22 09:42:07 -06:00
273ca81919
Merge pull request #2 from fireeye/doc/submodule-install
...
add submodule doc
2020-06-22 09:41:29 -06:00
dfaa907319
scripts: migrate rules: better variable names
2020-06-22 07:00:23 -06:00
ffd926c84c
scripts: migrate-rules: detect rules that aren't in the migration plan
2020-06-22 06:59:10 -06:00
b466087c97
add submodule doc
2020-06-22 12:48:53 +02:00
96ad823e35
Add hooks for running linters and tests
...
Add the `scripts/setup-hooks.sh` script which sets the following hooks
up:
- The `post-commit` hook runs the linter after every `git commit`,
letting you know if there are code style or rule linter offenses you
need to fix.
- The `pre-push` hook runs the linter and the tests and block the `git
push` if they do not succeed.
This way you realise if everything is alright without the need of
sending a PR.
2020-06-22 11:35:45 +02:00
5eddc9d3f4
scripts: migrate-rules: parse ATT&CK from tag name
2020-06-21 17:59:16 -06:00
8f097b883c
Merge pull request #25 from fireeye/rule-organization
...
apply rule reorganization
2020-06-25 13:42:38 -06:00
c06a1dae8a
scripts: migrate-rules: migrates rules pretty well
2020-06-21 17:40:16 -06:00
07daf3d46b
rule: fmt: support pulling meta from the rule instance
2020-06-21 16:57:58 -06:00
23037ad763
tests: fmt: fix expected format
2020-06-21 16:56:17 -06:00
7a81b739ea
Merge branch 'master' into rule-organization
2020-06-21 16:48:33 -06:00
e537aa3698
submodule: rules: update
2020-06-21 16:47:54 -06:00
c8eee01f31
rules: fmt: add additional meta field ordering
2020-06-21 16:43:24 -06:00
b3ca9f0daf
rule: fmt: add trailing newline to capa files
2020-06-21 15:51:11 -06:00
b23ff0358b
rules: pep8
2020-06-21 15:48:06 -06:00
2db385dd80
rule: fmt: avoid word wrapping lines
2020-06-21 15:47:29 -06:00
4f7e7d1b76
Merge pull request #22 from fireeye/capafmt
...
add capafmt utility
2020-06-25 08:55:26 -06:00
aa88840b5a
Merge pull request #15 from fireeye/ana-remove-element
...
Get rid of the Element class
2020-06-25 06:50:50 -06:00
4a5625fa8a
Merge pull request #16 from fireeye/documentation-scan
...
documentation changes
2020-06-25 10:38:54 +02:00
ee3a688e1b
update rules
2020-06-25 10:10:58 +02:00
b505197af1
documentation changes
2020-06-24 15:03:21 -06:00
7e1e9e6618
Get rid of the Element class
...
The `Element` class is just used for testing. By using `Element` we are
not testing the actual code. Also, every time we implement a new feature
for the `Feature` class, we need to implement it for `Element` as well.
Replace `Element` by `Integer`.
2020-06-24 18:05:52 +02:00
130c766f65
Merge pull request #14 from fireeye/mr-tz-remove-six
...
remove six requirement
2020-06-24 08:28:21 -06:00
bd92ded344
remove six requirement
2020-06-24 16:24:34 +02:00
fea1177c5e
add tests for formatting
2020-06-21 13:03:07 -06:00
09fa5a4227
rules: use ruamel to maintain comments
2020-06-21 12:24:32 -06:00
Michael Hunhoff