gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-05 03:16:56 -08:00
Code Issues Packages Projects Releases Wiki Activity
4,201 Commits 47 Branches 48 Tags
3cf748a135f41ac5dff86f377dae816eb529b5a0
Commit Graph

4201 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Willi Ballenthin
3cf748a135 vverbose: render both scopes nicely 2023-08-10 11:39:56 +02:00
Willi Ballenthin
85b58d041b process: simplify string enumeration loop 2023-08-10 11:38:43 +02:00
Willi Ballenthin
ae9d773e04 add TODO for typing.TypeAlias 2023-08-10 11:37:50 +02:00
Willi Ballenthin
582bb7c897 docstrings: improve wording 2023-08-10 11:36:51 +02:00
Willi Ballenthin
681d4fb007 Merge pull request #1678 from yelhamer/call-scope 
Add a call scope
 2023-08-07 11:31:29 +02:00
Yacine Elhamer
a185341a4d features/address.py: rename CallAddress DynamicCallAddress 2023-08-07 09:48:11 +01:00
Yacine Elhamer
aacd9f51b3 delete empty files 2023-08-07 09:48:11 +01:00
Yacine
95148d445a test_rules.py: update rules' formatting 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-08-07 09:47:57 +01:00
Yacine
65ac422e36 test_rules.py: update rules' fomratting 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-08-07 09:47:37 +01:00
Willi Ballenthin
5ffb6ca0cd Merge branch 'dynamic-feature-extraction' into call-scope 2023-08-07 10:40:53 +02:00
Willi Ballenthin
85f151303a merge 2023-08-07 08:40:03 +00:00
Willi Ballenthin
216cd01b3c sync test data submodule 2023-08-07 08:37:23 +00:00
Yacine
23bd2e7cd4 cape/call.py: remove use of the description keyword for features 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-08-07 09:13:07 +01:00
Willi Ballenthin
5de055e2af Merge pull request #1677 from mandiant/fix/add-devcontainer-pre-commit 
devcontainer: install pre-commit hooks
 2023-08-07 10:01:20 +02:00
Willi Ballenthin
dd870a5cbd Merge pull request #1676 from mandiant/fix/issue-1675 
linter: skip native API check for NtProtectVirtualMemory
 2023-08-07 10:00:59 +02:00
Yacine Elhamer
f461f65a86 move thread-scope features into the call-scope 2023-08-06 18:12:29 +01:00
Capa Bot
2c8f99143a Sync capa-testfiles submodule 2023-08-05 16:40:13 +00:00
Capa Bot
ee68031d19 Sync capa-testfiles submodule 2023-08-05 16:37:46 +00:00
Yacine Elhamer
8dc4adbb5e fix test_rules.py yaml identation bug 2023-08-04 16:20:37 +01:00
Yacine Elhamer
8b36cd1e35 add call-scope tests 2023-08-04 16:20:37 +01:00
Yacine
cd700a1782 Merge branch 'dynamic-feature-extraction' into call-scope 2023-08-03 15:27:44 +01:00
Yacine
60e94adeb1 base_extractor.py: fix ProcessHandle documentation comment 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-08-03 14:39:53 +01:00
Yacine
eafed0f1d4 build_statements(): fix call-scope InvalidRule message typo 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-08-03 14:38:38 +01:00
Yacine Elhamer
7c14c51012 cape/call.py: update extract_call_features() comment 2023-08-03 14:20:18 +01:00
Yacine Elhamer
4f9d24598f bugfix 2023-08-03 11:24:24 +01:00
Yacine Elhamer
4277b4bef8 include an address' parent in comparisons 2023-08-03 11:21:58 +01:00
Yacine Elhamer
3c3205adf1 add call address to show-features.py script 2023-08-02 23:10:27 +01:00
Yacine Elhamer
4e1527df95 update changelog 2023-08-02 22:48:38 +01:00
Yacine Elhamer
ca2760fb46 Initial commit 2023-08-02 22:46:54 +01:00
Willi Ballenthin
6647ecb6d4 Merge branch 'master' into fix/add-devcontainer-pre-commit 2023-08-02 15:02:15 +02:00
Willi Ballenthin
13533074ea devcontainer: install pre-commit hooks 2023-08-02 13:01:15 +00:00
Willi Ballenthin
a538a7bbab linter: skip native API check for more UEFI routines 2023-08-02 12:55:22 +00:00
Willi Ballenthin
b2789f0df6 Merge branch 'master' into fix/issue-1675 2023-08-02 14:49:32 +02:00
Willi Ballenthin
ab5c8b1129 linter: skip native API check for NtEnumerateSystemEnvironmentValuesEx 2023-08-02 12:49:17 +00:00
Capa Bot
149983dced Sync capa rules submodule 2023-08-02 12:42:03 +00:00
Willi Ballenthin
04fbcbbbd3 linter: skip native API check for NtProtectVirtualMemory 
closes #1675
 2023-08-02 12:36:42 +00:00
Willi Ballenthin
727ece499a Merge pull request #1662 from Aayush-Goel-04/Aayush-Goel-04/Issue#1607 
ELF: Implement file import and export name extractor
 2023-08-02 13:15:32 +02:00
Aayush Goel
62f50265bc Resolved Import address 2023-08-02 16:41:24 +05:30
Capa Bot
95ffdf19ff Sync capa rules submodule 2023-08-02 11:03:52 +00:00
Capa Bot
d18224eac6 Sync capa-testfiles submodule 2023-08-02 11:03:16 +00:00
Aayush Goel
26935ee6e6 Update test_elffile_features.py 2023-08-02 13:51:51 +05:30
Aayush Goel
f8c499fb43 Added test for elf import/export handling 2023-08-02 11:52:27 +05:30
Willi Ballenthin
61924672e2 Merge pull request #1671 from yelhamer/rule-statement-building 2023-08-01 22:15:03 +02:00
Yacine Elhamer
7fdd988e4f remove redundant imports 2023-08-01 20:12:15 +01:00
Yacine Elhamer
a85e0523f8 remove Scopes LRU caching 2023-08-01 20:09:42 +01:00
Aayush Goel
3bb5754b66 Update elffile.py 2023-08-01 22:41:11 +05:30
Aayush Goel
dd2eef52c3 Update elffile.py 
remove enumerate
 2023-08-01 22:21:00 +05:30
Willi Ballenthin
da45fb4bea Merge branch 'master' into Aayush-Goel-04/Issue#1607 2023-08-01 16:34:42 +02:00
Willi Ballenthin
7ed517a8f3 Merge pull request #1668 from mandiant/dependabot/pip/types-tabulate-0.9.0.3 
build(deps-dev): bump types-tabulate from 0.9.0.1 to 0.9.0.3
 2023-08-01 16:33:42 +02:00
Willi Ballenthin
f00e7426c5 Merge pull request #1667 from mandiant/dependabot/pip/types-requests-2.31.0.2 
build(deps-dev): bump types-requests from 2.31.0.1 to 2.31.0.2
 2023-08-01 16:33:12 +02:00