Commit Graph

3751 Commits

Author SHA1 Message Date
Yacine Elhamer 2f32d4fe49 Update base_extractor.py with review comments
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2023-06-27 11:20:02 +01:00
Willi Ballenthin 81d35eb645 Merge branch 'dynamic-feature-extraction' into static-extractor 2023-06-27 09:42:16 +02:00
Willi Ballenthin ac24ac2507 Merge pull request #1566 from yelhamer/dynamic-show-features
integrate the CAPE extractor with the show-features.py script
2023-06-27 09:37:27 +02:00
Yacine Elhamer b172f9a354 FeatureExtractor alias: fix mypy typing issues by adding isinstance-based assert statements 2023-06-26 22:46:27 +01:00
Yacine Elhamer 63e4d3d5eb fix TypeAlias importing: import from typing_extensions to support Python 3.9 and lower 2023-06-26 21:14:17 +01:00
Yacine Elhamer c74c8871f8 scripts: add type-related assert statements 2023-06-26 21:06:35 +01:00
Yacine Elhamer 3f5d08aedb base_extractor.py: add TypeAlias keyword, use union instead of bar operator, add extract_file_features() and extract_global_features() methods 2023-06-26 20:57:51 +01:00
Yacine Elhamer ddcb299834 main.py: address review suggestions (using elif for type casts, renaming to find_static_capabilities()) 2023-06-26 20:53:41 +01:00
Yacine Elhamer a9f70dd1e5 main.py: update extractor type casting
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2023-06-26 20:01:30 +01:00
Yacine Elhamer aff0c6b49b show-features.py: bugfix in ida_main() 2023-06-26 09:41:14 +01:00
Yacine Elhamer 417bb42ac8 show_features.py: rename show_{function,process}_features to show_{static,dynamic}_features.py 2023-06-26 09:16:59 +01:00
Yacine Elhamer 040ed4fa57 get_format_from_report(): use strings instead of literals
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2023-06-26 09:05:20 +01:00
Yacine Elhamer 94fc7b4e9a FeatureExtractor alias: add type casts to either StaticFeatureExtractor or DynamicFeatureExtractor 2023-06-26 01:23:01 +01:00
Yacine Elhamer 172e7a7649 update changelog 2023-06-25 23:03:13 +01:00
Yacine Elhamer 37ed138dcf base_extractor(): add StaticFeatureExtractor and DynamicFeatureExtractor base classes, as well as a FeatureExtractor type alias 2023-06-25 22:57:39 +01:00
Yacine Elhamer 5f6aade92b get_format_from_report(): fix bugs and add a list of dynamic formats 2023-06-25 00:54:55 +01:00
Yacine Elhamer 0c62a5736e add support for determining the format of a sandbox report 2023-06-24 23:51:12 +01:00
Yacine Elhamer f1406c1ffd scripts/show-features.py: prefix the {static,dynamic}_analysis() functions' names with 'print_' 2023-06-23 13:58:34 +01:00
Yacine Elhamer 1cdc3e5232 fix codestyle 2023-06-23 13:48:49 +01:00
Yacine Elhamer bd9870254e Apply suggestions from code review: use EXTENSIONS_CAPE, and indent 'thread' by one more space 2023-06-23 13:31:35 +01:00
Yacine Elhamer 0442b8c1e1 Apply suggestions from code review: use is_ for booleans
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2023-06-23 13:27:20 +01:00
Yacine Elhamer 585876d6af capa/main.py: use "rb" for opening json files
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2023-06-23 13:25:37 +01:00
Yacine Elhamer 902d726ea6 capa/main.py: change json import positioning to start of the file 2023-06-22 23:57:03 +01:00
Yacine Elhamer 3f35b426dd Apply suggestions from code review
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2023-06-22 21:58:01 +01:00
Yacine Elhamer 761d861888 Update fixtures.py samples path 2023-06-22 16:55:00 +01:00
Yacine Elhamer 9f185ed5c0 remove incompatible bar union syntax 2023-06-22 15:59:23 +01:00
Yacine Elhamer 63b2077335 get_extractor(): set return type to FeatureExtractor, and cast into the appropriate class before each usage 2023-06-22 15:55:24 +01:00
Yacine Elhamer 12d5beec6e add type cast to fix get_extractor() typing issues 2023-06-22 15:51:56 +01:00
Yacine Elhamer b77e68df19 fix codestyle and typing 2023-06-22 14:17:06 +01:00
Yacine Elhamer fcdd4fa410 update changelog 2023-06-22 14:03:01 +01:00
Yacine Elhamer 07c48bca68 scripts/show-features.py: add dynamic feature extraction from cape reports 2023-06-22 13:56:54 +01:00
Yacine Elhamer 79ff76d124 main.py: fix bugs for adding the cape extractor/format 2023-06-22 13:55:50 +01:00
Yacine Elhamer de2ba1ca94 add the cape report format to main and across several other locations 2023-06-22 12:55:39 +01:00
Yacine Elhamer 45002bd51d Revert "scripts/show-features.py: add dynamic feature extraction from cape reports"
This reverts commit 64189a4d08.
2023-06-22 12:29:51 +01:00
Yacine Elhamer be7ebad956 Revert "tests/fixtures.py: update path forming for the cape sample"
This reverts commit 6712801b01.
2023-06-22 12:18:34 +01:00
Yacine Elhamer 64189a4d08 scripts/show-features.py: add dynamic feature extraction from cape reports 2023-06-22 12:16:31 +01:00
Willi Ballenthin 708cb28ed0 Merge pull request #1546 from yelhamer/cape-extractor
add the CAPE feature extractor
2023-06-21 09:33:26 +02:00
Yacine Elhamer 6712801b01 tests/fixtures.py: update path forming for the cape sample
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
2023-06-20 20:30:06 +01:00
Yacine Elhamer f29db693c8 fix git submodules error 2023-06-20 20:25:19 +01:00
Yacine Elhamer 0502bfd95d remove cape report from get_md5_hash() function 2023-06-20 20:24:38 +01:00
Yacine Elhamer 78a3901c61 cape/helpers.py: add a find_process() function for quick-fetching processes from the cape report 2023-06-20 15:59:22 +01:00
Yacine Elhamer 0a4e3008af fixtures.py: update CAPE's feature count and presence tests 2023-06-20 13:51:16 +01:00
Yacine Elhamer d03ba5394f cape/global_.py: add warning messages if architecture/os/format are unknown 2023-06-20 13:26:25 +01:00
Yacine Elhamer 2262e6c7d0 Merge branch 'test-cape-extractor' into cape-extractor 2023-06-20 13:22:15 +01:00
Yacine Elhamer 31a349b13b cape feature tests: fix feature count function typo 2023-06-20 13:21:52 +01:00
Yacine Elhamer 1ba143ef26 Merge branch 'test-cape-extractor' into cape-extractor 2023-06-20 13:20:49 +01:00
Yacine Elhamer 1532ce1bab add tests for extracting argument values 2023-06-20 13:20:33 +01:00
Yacine Elhamer fa9b920b71 cape/thread.py: do not extract return values, and extract argument values as Strings 2023-06-20 13:17:53 +01:00
Yacine Elhamer 40b2d5f724 add a remote origin to submodule, and switch to that branch 2023-06-20 12:40:47 +01:00
Yacine Elhamer 0623a5a8de point capa-testfiles submodule towards dynamic-feautre-extractor branch 2023-06-20 12:13:57 +01:00