Mike Hunhoff
29fa3153b1
vmray: fix deptry lints
2024-06-20 14:17:42 -06:00
Mike Hunhoff
4b08e62750
vmray: fix flake8 lints
2024-06-20 14:12:34 -06:00
Mike Hunhoff
544899a04e
vmray: add os v. monitor id comment
2024-06-20 14:06:04 -06:00
Mike Hunhoff
9ef705a9ac
vmray: remove old comments
2024-06-20 14:04:31 -06:00
Mike Hunhoff
19502efff3
vmray: connect process, thread, and call
2024-06-20 13:05:32 -06:00
Mike Hunhoff
ec21f3b3fc
vmray: use xmltodict instead of pydantic_xml to improve performance
2024-06-20 10:08:27 -06:00
Mike Hunhoff
5be68d0751
vmray: remove debug code and update call features entry point
2024-06-20 08:20:00 -06:00
Moritz
8757dad054
Merge pull request #2155 from r-sm2024/vmray_extractor
Add VMRayAnalysis model and call parser
2024-06-19 17:30:46 +02:00
mr-tz
0c9d3d09af
fix ruff
2024-06-19 15:13:11 +00:00
mr-tz
740c739356
remove file
2024-06-19 15:09:34 +00:00
mr-tz
d256cc867f
update model and re-add summary_v2.json models
2024-06-19 14:57:05 +00:00
mr-tz
fbdfea1edc
add testing code
2024-06-19 14:56:12 +00:00
mr-tz
453a640de9
formatting
2024-06-19 14:55:43 +00:00
mr-tz
d10b396300
add pydantic-xml dependency
2024-06-19 14:50:46 +00:00
mr-tz
a544aed552
add vmray-extractor branch for tests
2024-06-19 14:49:12 +00:00
Moritz
a1a171221f
Merge branch 'vmray-extractor' into vmray_extractor
2024-06-19 10:56:40 +02:00
Mike Hunhoff
21887d1ec6
vmray: merge upstream
2024-06-18 15:43:19 -06:00
r-sm2024
789332ec88
Merge branch 'vmray-extractor' into vmray_extractor
2024-06-18 16:41:36 -05:00
Mike Hunhoff
85a85e99bf
vmray: emit recorded artifacts as strings
2024-06-18 15:38:44 -06:00
r-sm2024
574d61ad8f
Add VMRayanalysis model and call parser
2024-06-18 21:33:50 +00:00
r-sm2024
3cca80860d
Add VMRayanalysis model and call parser
2024-06-18 21:32:40 +00:00
r-sm2024
2b70086467
Add VMRayanalysis model and call parser
2024-06-18 21:32:40 +00:00
Mike Hunhoff
d26a806647
vmray: update scripts/show-features.py to emit process name from extractor
2024-06-18 14:59:29 -06:00
Mike Hunhoff
e5fa800ffb
vmray: emit empty thread features
2024-06-18 14:45:08 -06:00
r-sm2024
be274d1d65
Merge branch 'mandiant:master' into vmray_extractor
2024-06-18 15:42:52 -05:00
Mike Hunhoff
b3ebf80d9b
vmray: emit process name
2024-06-18 14:41:47 -06:00
Mike Hunhoff
8f32b7fc65
vmray: emit process handles
2024-06-18 14:32:11 -06:00
Mike Hunhoff
f3d69529b0
vmray: invoke VMRay feature extractor from capa.main
2024-06-18 13:27:40 -06:00
ygasparis
1975b6455c
extract import / export symbols from stripped elf binaries (#2142)
2024-06-18 12:38:02 -06:00
Mike Hunhoff
51656fe825
vmray: merge upstream
2024-06-18 10:53:32 -06:00
Capa Bot
1360e08389
Sync capa-testfiles submodule
2024-06-18 11:00:26 +00:00
dependabot[bot]
40061b3c42
build(deps): bump viv-utils from 0.7.9 to 0.7.11 (#2150)
2024-06-18 06:36:10 +02:00
dependabot[bot]
45fca7adea
build(deps): bump python-flirt from 0.8.6 to 0.8.10 (#2151)
2024-06-18 06:35:50 +02:00
Mike Hunhoff
654804878f
vmray: clean up global_.py debug output
2024-06-14 09:34:59 -06:00
Mike Hunhoff
8b913e0544
vmray: extract global features for PE files
2024-06-14 09:32:02 -06:00
Moritz
482686ab81
Merge pull request #2147 from mandiant/release/v710
bump to v7.1.0
v7.1.0
2024-06-14 12:56:46 +02:00
mr-tz
67f8c4d28c
bump to v7.1.0
2024-06-14 09:06:04 +00:00
Capa Bot
3f151a342b
Sync capa rules submodule
2024-06-14 09:02:02 +00:00
Mike Hunhoff
00cb7924e1
vmray: clean up pydantic models and add sample hash extraction
2024-06-13 17:02:50 -06:00
Mike Hunhoff
7e079d4d35
vmray: restrict analysis to PE files
2024-06-13 16:52:25 -06:00
Mike Hunhoff
346a0693ad
vmray: clean up VMRayAnalysis
2024-06-13 16:48:12 -06:00
Mike Hunhoff
8d3f032434
vmray: clean up pydantic models and implement base address extraction
2024-06-13 16:43:23 -06:00
Mike Hunhoff
7d0ac71353
vmray: cleanup pydantic models and implement file section extraction
2024-06-13 16:31:12 -06:00
Mike Hunhoff
970b184651
vmray: add stubs for file imports
2024-06-13 14:20:11 -06:00
Mike Hunhoff
ca02b4ac7c
vmray: expand extractor to emit file export features
2024-06-13 14:12:41 -06:00
Mike Hunhoff
a797405648
vmray: add example models for summary_v2.json
2024-06-13 12:54:59 -06:00
mr-tz
a9dafe283c
example using pydantic-xml to parse flog.xml
2024-06-13 16:37:45 +00:00
dependabot[bot]
e87e8484b6
build(deps): bump ruff from 0.4.7 to 0.4.8 (#2139)
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.4.7 to 0.4.8.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md)
- [Commits](https://github.com/astral-sh/ruff/compare/v0.4.7...v0.4.8)
---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:production
  update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
2024-06-13 13:24:33 +02:00
Willi Ballenthin
8726de0d65
ELF: Detect OS from Go binaries (#1987)
* elf: read segment memory size
* elf: add routine to read mapped memory
* elf: better detect OS for binaries compiled by Go
* elf: guess OS from Go source filenames
* changelog
* elf: mypy
* merge
* elf: add OS detection based on vDSO strings
* elf: document VTGrep searches
* elf: describe further technique to identify Go binaries
* elf: search for `.go.buildinfo` section via @yelhamer
* black
* elf: detect Alpine Linux ident
* elf: log interest symtab entries
* tests: add test for OS detection by Go buildinfo
* loader: handle missing viv modules
* pre-commit: run deptry before tests (which are slow)
* loader: describe removing viv symbolic switch solver
* pyproject: add PyGithub for deptry
* black
2024-06-13 13:23:47 +02:00
Moritz
7d1512a3de
Merge pull request #2146 from mandiant/fix/2145
fix black and mypy
2024-06-13 11:49:18 +02:00