3929164fc2
Merge branch 'backend-ghidra' of github.com:mandiant/capa into backend-ghidra
2023-08-28 13:24:23 -06:00
f3a2a5958d
fix Ghidra detection
2023-08-28 13:24:14 -06:00
6d3f649a0c
remove backend-ghidra from CI
2023-08-28 12:21:30 -07:00
e00608e298
ghidra hotfix: fix ghidrathon download ( #1771 )
...
* hotfix: fix ghidrathon download
2023-08-28 12:19:45 -07:00
995014afc2
merge upstream
2023-08-28 12:40:49 -06:00
a522ae20f1
update CHANGELOG
2023-08-28 12:40:02 -06:00
203fc36865
cleanup CHANGELOG merge
2023-08-28 12:33:07 -06:00
7bd2467074
remove backend-ghidra from workflows
2023-08-28 12:32:52 -06:00
f339bbf68c
Merge pull request #1769 from mandiant/dependabot/pip/ruff-0.0.286
...
build(deps-dev): bump ruff from 0.0.285 to 0.0.286
2023-08-28 20:26:11 +02:00
8ed4062cf1
sync rules submodule with upstream
2023-08-28 12:13:10 -06:00
807792f879
build(deps-dev): bump ruff from 0.0.285 to 0.0.286
...
Bumps [ruff](https://github.com/astral-sh/ruff ) from 0.0.285 to 0.0.286.
- [Release notes](https://github.com/astral-sh/ruff/releases )
- [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md )
- [Commits](https://github.com/astral-sh/ruff/compare/v0.0.285...v0.0.286 )
---
updated-dependencies:
- dependency-name: ruff
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2023-08-28 14:48:55 +00:00
9dc457e61e
Update capa/features/freeze/__init__.py
...
Co-authored-by: Willi Ballenthin <wballenthin@google.com >
2023-08-28 15:40:31 +02:00
9eb88e6ca7
Merge branch 'dynamic-feature-extraction' of https://github.com/mandiant/capa into dynamic-feature-extraction
2023-08-28 13:24:58 +02:00
214a355b9c
binja extractor: remove unused pathlib.Path import
2023-08-28 13:24:54 +02:00
9cea7346b2
ghidra: documentation ( #1759 )
...
* Implement ghidra documentation
2023-08-27 19:21:36 -07:00
4d538b939e
Update scripts/import-to-ida.py
...
Co-authored-by: Willi Ballenthin <wballenthin@google.com >
2023-08-27 14:59:10 +02:00
8c9e676868
binja: use binja api's methods to get the file hash
2023-08-27 14:31:43 +02:00
b0133f0aa1
various fixes
2023-08-26 19:28:07 +02:00
49adecb25c
add yaml representer for the Scope class, as well as other bugfixes
2023-08-26 18:11:35 +02:00
e9a9b3a6b6
point the data file to the latest PR
2023-08-26 13:04:45 +02:00
d7c9ae26bc
Merge branch 'master' into backend-ghidra
2023-08-26 02:08:22 +00:00
fddec33d04
ghidra: fix api info caching ( #1766 )
...
* cache and retrive imports, externs, and fakes in FunctionHandle objects
* reduce cache retreival calls
* cache in GhidraFeatureExtractor, point fh.ctx to cache
* move caching routine to __init__
2023-08-25 19:03:38 -07:00
65179805a7
add a Ghidra entry script users can invoke to run capa against a loaded Ghidra database ( #1767 )
...
* enable use of Ghidra with show-features.py
* fix bug in is_supported_file_type
* fix bug in GhidraFeatureExtractor.get_function
* refactor get_insn_in_range
* add Ghidra entry script for users to more easily run capa against a loaded Ghidra database
* update CHANGELOG
* fixing lint
* fix fixtures import issue
* fix bug in is_supported_arch_type
* add check for supported arch type
* fix extract_embedded_pe performance
2023-08-25 18:35:59 -07:00
d5daa79547
Merge pull request #1764 from mandiant/fix/scope-enum-usage
...
rules: use Scope enum instead of constants
2023-08-25 20:58:34 +03:00
90df85b332
test for com_feature
...
matching a file as expected
generating the bytes/strings
if an unknown COM class/interface is provided?
2023-08-25 20:59:58 +05:30
88ee6e661e
wip: proto: add Metadata.[static, dynamic]_analysis
2023-08-25 14:40:50 +00:00
08c9bbcc91
proto: deprecate RuleMetadata.scope
2023-08-25 13:22:48 +00:00
f96b9e6a6e
proto: add RuleMetadata.scopes
2023-08-25 13:20:46 +00:00
9bbd3184b0
rules: handle unsupported scopes again
2023-08-25 13:15:55 +00:00
e4c1361d42
Merge branch 'fix/scope-enum-usage' into fix/dynamic-proto
2023-08-25 13:01:49 +00:00
17e4765728
changelog
2023-08-25 13:00:34 +00:00
7e258a91ec
Merge branch 'dynamic-feature-extraction' into fix/scope-enum-usage
2023-08-25 14:59:18 +02:00
b88853f327
changelog
2023-08-25 14:59:03 +02:00
a60401fc7e
Merge branch 'master' into dynamic-feature-extraction
2023-08-25 14:58:35 +02:00
a734358377
rules: use Scope enum instead of constants
2023-08-25 12:54:57 +00:00
ebcbad3ae3
proto: add new scopes
2023-08-25 12:21:37 +00:00
8ff74d4a04
proto: regenerate using 3.21 protoc
2023-08-25 12:20:51 +00:00
bd0d8eb403
Update __init__.py
...
added parse_description for com feature
Update CHANGELOG.md
added comments, dealt with errors
2023-08-25 16:04:25 +05:30
9b79aa1983
Merge branch 'Aayush-Goel-04/Issue#322' of https://github.com/Aayush-Goel-04/capa into Aayush-Goel-04/Issue#322
2023-08-25 15:42:17 +05:30
172968c77e
Update CHANGELOG.md
2023-08-25 15:42:02 +05:30
f1a7049ab5
Merge branch 'master' into Aayush-Goel-04/Issue#322
2023-08-25 15:39:03 +05:30
155a2904fb
Update CHANGELOG.md
2023-08-25 15:38:00 +05:30
4c2e8fd718
Merge branch 'Aayush-Goel-04/Issue#322' of https://github.com/Aayush-Goel-04/capa into Aayush-Goel-04/Issue#322
2023-08-25 15:33:52 +05:30
95e279a03b
update com db
...
moved code to rules/init.py , create db for coms
2023-08-25 15:32:40 +05:30
f2909c82f3
proto: reenable tests and linters
2023-08-25 09:41:25 +00:00
164b08276c
extractor: tweak hashes to fix mypy
2023-08-25 09:38:23 +00:00
b930523d44
freeze: add TODO issue link
2023-08-25 11:32:56 +02:00
9d21addc6b
Merge pull request #1763 from mandiant/v6.1.0
...
version: v6.1.0
2023-08-25 11:11:59 +02:00
9accb60eff
changelog
2023-08-25 09:11:04 +00:00
61202913a6
changelog
2023-08-25 09:07:09 +00:00
Mike Hunhoff