117 Commits

Author SHA1 Message Date
William Ballenthin e4acfd4852 merge 2020-08-04 09:48:26 -06:00
William Ballenthin f02412bcc5 tests: fix function address 2020-08-03 19:10:05 -06:00
William Ballenthin b09f29a996 features: viv: extract strings/bytes from nested pointers
closes #200
2020-08-03 17:35:29 -06:00
William Ballenthin b81b5e5993 rules: add support for arch flavors of Number and Offset features
closes #210
2020-08-03 16:28:47 -06:00
Capa Bot 9d069b11ba Sync capa-testfiles submodule 2020-08-03 16:04:03 +00:00
Capa Bot 52f9615d63 Sync capa-testfiles submodule 2020-07-31 21:17:04 +00:00
Capa Bot 6f689574d5 Sync capa-testfiles submodule 2020-07-31 15:43:08 +00:00
Capa Bot 96f207ca1f Sync capa-testfiles submodule 2020-07-29 21:13:21 +00:00
William Ballenthin c2bdeabeb8 submodule: testfiles update 2020-07-28 10:44:39 -06:00
Willi Ballenthin 137c0ca7f3 Merge pull request #209 from Ana06/statement-description
Enable descriptions for statement nodes
2020-07-28 10:02:07 -06:00
Capa Bot 01aa4755c5 Sync capa-testfiles submodule 2020-07-28 16:00:10 +00:00
Ana María Martínez Gómez 61818bbe04 tests: Test statement nodes descriptions
Add statement descriptions to `test_rule_yaml_descriptions` to ensure
rules with statement descriptions are parsed and extracted correctly.
2020-07-28 15:58:55 +02:00
Ana María Martínez Gómez a74ab922a3 Get rid of * for Statement
They are not needed and complicate the code and make it more difficult to
add more parameters to the initialization of Statements.

This produces many changes in the tests. The alternative would be to add
a parameter None in all of them, which are also a lot of changes.
2020-07-28 14:20:13 +02:00
Capa Bot 261713d0d1 Sync capa-testfiles submodule 2020-07-27 21:05:14 +00:00
William Ballenthin 7236283b2f tests: ida: address comments 2020-07-25 11:40:04 -06:00
William Ballenthin 2fa2a98ae1 pep8 2020-07-25 10:26:57 -06:00
William Ballenthin 352d6f26fc tests: ida: ensure they all pass
closes #202
2020-07-25 10:10:25 -06:00
William Ballenthin 1a1caf76fa add test_ida_features 2020-07-25 01:41:23 -06:00
William Ballenthin c91f9a375e ida: parse offsets as signed numbers
closes #197
2020-07-25 00:58:44 -06:00
William Ballenthin 682bb14b99 submodule: testfiles update 2020-07-24 15:23:34 -06:00
William Ballenthin 12cff3599a submodule: testfiles update 2020-07-23 17:20:16 -06:00
Capa Bot 20673a3166 Sync capa-testfiles submodule 2020-07-23 17:27:15 +00:00
Capa Bot 662a750c71 Sync capa-testfiles submodule 2020-07-22 21:37:43 +00:00
William Ballenthin baeea5b6ec *: update license header to reference Apache 2.0
closes #173
2020-07-22 15:05:24 -06:00
Capa Bot c5626b695b Sync capa-testfiles submodule 2020-07-22 18:07:40 +00:00
Capa Bot f383181fed Sync capa-testfiles submodule 2020-07-17 17:34:44 +00:00
Ana María Martínez Gómez 07764fb31f Use isort 5
Run `isort --profile black --length-sort --line-width 120 .`

Update documentation as well.
2020-07-16 22:02:53 +02:00
William Ballenthin f1fa4e134a submodule: testfiles update 2020-07-15 19:11:39 -06:00
Ana María Martínez Gómez 78dae308c2 Add test for RegExp descriptions
Now that RegExp are a feature, ensure that descriptions are working.
2020-07-15 22:37:38 +02:00
William Ballenthin 3faf175da7 *: add license header
closes #144
2020-07-15 14:14:53 -06:00
William Ballenthin 61264bc500 submodule: update 2020-07-14 09:06:59 -06:00
William Ballenthin 867de57062 main: find_capabilities: extract feature counts per item, too
closes #95
closes #96
2020-07-03 10:12:03 -06:00
William Ballenthin 5317e1e11e feature extractor: null: add get_base_address()
closes #88
2020-07-03 09:32:37 -06:00
Michael Hunhoff d5a8c844db remove format changes added by black 2020-07-03 12:30:33 -06:00
Michael Hunhoff f09e683ef5 removing stale imports 2020-07-03 12:24:17 -06:00
Moritz 6730eb1c5e Merge pull request #83 from fireeye/fix-count-bb
fix #78 count bb
2020-07-03 08:55:09 +02:00
William Ballenthin a50bd4c394 pep8 2020-07-02 15:51:08 -06:00
William Ballenthin 9ad52da6d0 add test for #78 2020-07-02 15:50:56 -06:00
Moritz Raabe 8b5f58bf31 ensure string feature values are strings, tests 2020-07-02 23:44:39 +02:00
William Ballenthin 612eefe2e8 dos2unix 2020-07-02 11:08:21 -06:00
William Ballenthin 8f7cb6dad0 pep8 2020-07-02 11:01:18 -06:00
William Ballenthin 41c32013bb Merge branch 'master' into fmt-black 2020-07-02 11:00:14 -06:00
William Ballenthin 1188103d1c pep8: isort 2020-07-02 10:52:05 -06:00
Moritz Raabe c37365f045 fix render, cleanup feature string display 2020-07-02 18:48:14 +02:00
William Ballenthin 5fda3c467f tests: fix freeze test that was broken during merge 2020-07-02 10:40:16 -06:00
William Ballenthin c185e9ef09 pep8: black 2020-07-02 10:32:26 -06:00
William Ballenthin db2b1caeae Merge branch 'master' into fmt-black 2020-07-02 10:25:24 -06:00
Ana María Martínez Gómez 152129cc25 Add tests for description feature
Test if the parsing of feature succeeds with every type of description.
2020-07-02 16:50:28 +02:00
Ana María Martínez Gómez 64124c0b64 Remove True from Characteristic rules and output
Get rid of `True` in characteristic (rules, output and json) as it is
implicit. This way, the same syntax is used for characteristic as for
the rest of the features.

Co-authored-by: William Ballenthin <william.ballenthin@fireeye.com>
2020-07-02 16:50:15 +02:00
William Ballenthin d23ef48bb6 pep8 2020-07-01 12:33:13 -06:00