Author | Commit | Message | Date
Yacine Elhamer | 2f32d4fe49 | Update base_extractor.py with review comments (Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>) | 2023-06-27 11:20:02 +01:00
Willi Ballenthin | 81d35eb645 | Merge branch 'dynamic-feature-extraction' into static-extractor | 2023-06-27 09:42:16 +02:00
Willi Ballenthin | ac24ac2507 | Merge pull request #1566 from yelhamer/dynamic-show-features: integrate the CAPE extractor with the show-features.py script | 2023-06-27 09:37:27 +02:00
Yacine Elhamer | b172f9a354 | FeatureExtractor alias: fix mypy typing issues by adding isinstance-based assert statements | 2023-06-26 22:46:27 +01:00
Yacine Elhamer | 63e4d3d5eb | fix TypeAlias importing: import from typing_extensions to support Python 3.9 and lower | 2023-06-26 21:14:17 +01:00
Yacine Elhamer | c74c8871f8 | scripts: add type-related assert statements | 2023-06-26 21:06:35 +01:00
Yacine Elhamer | 3f5d08aedb | base_extractor.py: add TypeAlias keyword, use Union instead of the bar operator, add extract_file_features() and extract_global_features() methods | 2023-06-26 20:57:51 +01:00
Yacine Elhamer | ddcb299834 | main.py: address review suggestions (using elif for type casts, renaming to find_static_capabilities()) | 2023-06-26 20:53:41 +01:00
Yacine Elhamer | a9f70dd1e5 | main.py: update extractor type casting (Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>) | 2023-06-26 20:01:30 +01:00
Yacine Elhamer | aff0c6b49b | show-features.py: bugfix in ida_main() | 2023-06-26 09:41:14 +01:00
Yacine Elhamer | 417bb42ac8 | show-features.py: rename show_{function,process}_features to show_{static,dynamic}_features | 2023-06-26 09:16:59 +01:00
Yacine Elhamer | 040ed4fa57 | get_format_from_report(): use strings instead of literals (Co-authored-by: Moritz <mr-tz@users.noreply.github.com>) | 2023-06-26 09:05:20 +01:00
Yacine Elhamer | 94fc7b4e9a | FeatureExtractor alias: add type casts to either StaticFeatureExtractor or DynamicFeatureExtractor | 2023-06-26 01:23:01 +01:00
Yacine Elhamer | 172e7a7649 | update changelog | 2023-06-25 23:03:13 +01:00
Yacine Elhamer | 37ed138dcf | base_extractor.py: add StaticFeatureExtractor and DynamicFeatureExtractor base classes, as well as a FeatureExtractor type alias | 2023-06-25 22:57:39 +01:00
Yacine Elhamer | 5f6aade92b | get_format_from_report(): fix bugs and add a list of dynamic formats | 2023-06-25 00:54:55 +01:00
Yacine Elhamer | 0c62a5736e | add support for determining the format of a sandbox report | 2023-06-24 23:51:12 +01:00
Yacine Elhamer | f1406c1ffd | scripts/show-features.py: prefix the {static,dynamic}_analysis() function names with 'print_' | 2023-06-23 13:58:34 +01:00
Yacine Elhamer | 1cdc3e5232 | fix codestyle | 2023-06-23 13:48:49 +01:00
Yacine Elhamer | bd9870254e | Apply suggestions from code review: use EXTENSIONS_CAPE, and indent 'thread' by one more space | 2023-06-23 13:31:35 +01:00
Yacine Elhamer | 0442b8c1e1 | Apply suggestions from code review: use is_ for booleans (Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>) | 2023-06-23 13:27:20 +01:00
Yacine Elhamer | 585876d6af | capa/main.py: use "rb" for opening json files (Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>) | 2023-06-23 13:25:37 +01:00
Yacine Elhamer | 902d726ea6 | capa/main.py: move the json import to the start of the file | 2023-06-22 23:57:03 +01:00
Yacine Elhamer | 3f35b426dd | Apply suggestions from code review (Co-authored-by: Moritz <mr-tz@users.noreply.github.com>) | 2023-06-22 21:58:01 +01:00
Yacine Elhamer | 761d861888 | Update fixtures.py samples path | 2023-06-22 16:55:00 +01:00
Yacine Elhamer | 9f185ed5c0 | remove incompatible bar union syntax | 2023-06-22 15:59:23 +01:00
Yacine Elhamer | 63b2077335 | get_extractor(): set return type to FeatureExtractor, and cast into the appropriate class before each usage | 2023-06-22 15:55:24 +01:00
Yacine Elhamer | 12d5beec6e | add type cast to fix get_extractor() typing issues | 2023-06-22 15:51:56 +01:00
Yacine Elhamer | b77e68df19 | fix codestyle and typing | 2023-06-22 14:17:06 +01:00
Yacine Elhamer | fcdd4fa410 | update changelog | 2023-06-22 14:03:01 +01:00
Yacine Elhamer | 07c48bca68 | scripts/show-features.py: add dynamic feature extraction from cape reports | 2023-06-22 13:56:54 +01:00
Yacine Elhamer | 79ff76d124 | main.py: fix bugs for adding the cape extractor/format | 2023-06-22 13:55:50 +01:00
Yacine Elhamer | de2ba1ca94 | add the cape report format to main and across several other locations | 2023-06-22 12:55:39 +01:00
Yacine Elhamer | 45002bd51d | Revert "scripts/show-features.py: add dynamic feature extraction from cape reports" (This reverts commit 64189a4d08.) | 2023-06-22 12:29:51 +01:00
Yacine Elhamer | be7ebad956 | Revert "tests/fixtures.py: update path forming for the cape sample" (This reverts commit 6712801b01.) | 2023-06-22 12:18:34 +01:00
Yacine Elhamer | 64189a4d08 | scripts/show-features.py: add dynamic feature extraction from cape reports | 2023-06-22 12:16:31 +01:00
Willi Ballenthin | 708cb28ed0 | Merge pull request #1546 from yelhamer/cape-extractor: add the CAPE feature extractor | 2023-06-21 09:33:26 +02:00
Yacine Elhamer | 6712801b01 | tests/fixtures.py: update path forming for the cape sample (Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>) | 2023-06-20 20:30:06 +01:00
Yacine Elhamer | f29db693c8 | fix git submodules error | 2023-06-20 20:25:19 +01:00
Yacine Elhamer | 0502bfd95d | remove cape report from get_md5_hash() function | 2023-06-20 20:24:38 +01:00
Yacine Elhamer | 78a3901c61 | cape/helpers.py: add a find_process() function for quick-fetching processes from the cape report | 2023-06-20 15:59:22 +01:00
Yacine Elhamer | 0a4e3008af | fixtures.py: update CAPE's feature count and presence tests | 2023-06-20 13:51:16 +01:00
Yacine Elhamer | d03ba5394f | cape/global_.py: add warning messages if architecture/os/format are unknown | 2023-06-20 13:26:25 +01:00
Yacine Elhamer | 2262e6c7d0 | Merge branch 'test-cape-extractor' into cape-extractor | 2023-06-20 13:22:15 +01:00
Yacine Elhamer | 31a349b13b | cape feature tests: fix feature count function typo | 2023-06-20 13:21:52 +01:00
Yacine Elhamer | 1ba143ef26 | Merge branch 'test-cape-extractor' into cape-extractor | 2023-06-20 13:20:49 +01:00
Yacine Elhamer | 1532ce1bab | add tests for extracting argument values | 2023-06-20 13:20:33 +01:00
Yacine Elhamer | fa9b920b71 | cape/thread.py: do not extract return values, and extract argument values as Strings | 2023-06-20 13:17:53 +01:00
Yacine Elhamer | 40b2d5f724 | add a remote origin to submodule, and switch to that branch | 2023-06-20 12:40:47 +01:00
Yacine Elhamer | 0623a5a8de | point capa-testfiles submodule towards dynamic-feautre-extractor branch | 2023-06-20 12:13:57 +01:00