gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-03-12 21:23:12 -07:00
Code Issues Packages Projects Releases Wiki Activity
5,945 Commits 46 Branches 48 Tags
4697902310055737c3e917021eafac074d7fa0fe
Commit Graph

5945 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
4697902310 build(deps-dev): bump isort from 7.0.0 to 8.0.0 (#2879) 
Bumps [isort](https://github.com/PyCQA/isort) from 7.0.0 to 8.0.0.
- [Release notes](https://github.com/PyCQA/isort/releases)
- [Changelog](https://github.com/PyCQA/isort/blob/main/CHANGELOG.md)
- [Commits](https://github.com/PyCQA/isort/compare/7.0.0...8.0.0)

---
updated-dependencies:
- dependency-name: isort
  dependency-version: 8.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-23 12:50:28 -07:00
Capa Bot
ed0783c31e Sync capa rules submodule 2026-02-23 16:33:25 +00:00
devs6186
f03ee75d69 doc: document that default output shows top-level matches only; -v/-vv show nested matches (#2875) 2026-02-22 07:41:15 +01:00
devs6186
f526357def main: suggest --os flag when ELF OS detection fails (#2869) 
* main: suggest --os flag when OS detection fails for ELF files

When capa cannot detect the target OS of an ELF file, it exits with an
error. Some ELF files lack the standard metadata capa uses for OS
detection (GNU ABI tag, OSABI field, library dependencies, etc.) even
though they do target a valid OS (e.g. a stripped Linux binary using
only raw syscalls).

Add a hint to the unsupported-OS error message telling users they can
specify the OS explicitly with the --os flag, matching the workaround
recommended in the issue.

Fixes #2577
 2026-02-20 14:28:43 +01:00
Moritz
c1ec826a9f Merge pull request #2866 from devs6186/fix/2699-rich-markup-escape 
render: escape sample-controlled strings to prevent rich MarkupError
 2026-02-20 14:06:45 +01:00
devs6186
5ef4ad96ee doc: fix typo and add documentation links in README 
- usage.md: fix 'occurance' -> 'occurrence'
- README: add short doc links (usage, installation, limitations, FAQ)

Fixes #2274
 2026-02-20 11:15:01 +01:00
Capa Bot
8aef630a7f Sync capa rules submodule 2026-02-19 20:33:40 +00:00
Moritz
d1c9d20668 Merge pull request #2865 from mandiant/lsc-1771433500.551532 
Refactor Github Action per b/485167538
 2026-02-19 21:32:29 +01:00
devs6186
3f72b43f48 render: escape sample-controlled strings to prevent rich MarkupError 
Strings extracted from analyzed samples may contain bracket characters
that Rich interprets as markup (e.g. [/tag]). When these are embedded
directly in markup templates like f"[dim]{s}", Rich raises a
MarkupError if the brackets form an invalid tag.

Use rich.markup.escape() to sanitize all user-controlled strings before
embedding them in Rich markup templates in bold(), bold2(), mute(), and
warn().

Fixes #2699
 2026-02-19 03:42:05 +05:30
Ben Knutson
f7bb889f30 Refactor Github Action per b/485167538 2026-02-18 16:51:42 +00:00
Capa Bot
e0bd6d5ea6 Sync capa rules submodule 2026-02-17 21:19:08 +00:00
Capa Bot
239bafd285 Sync capa-testfiles submodule 2026-02-17 21:10:09 +00:00
dependabot[bot]
2033c4ab83 build(deps-dev): bump pyinstaller from 6.18.0 to 6.19.0 (#2856) 
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.18.0 to 6.19.0.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](https://github.com/pyinstaller/pyinstaller/compare/v6.18.0...v6.19.0)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-version: 6.19.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-17 13:40:23 -07:00
dependabot[bot]
cbe005ae0f bump ruff from 0.14.7 to 0.15.0 (#2853) 
---
updated-dependencies:
- dependency-name: ruff
  dependency-version: 0.15.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-09 13:55:24 -07:00
kamran ul haq
26aba8067f loader: handle SegmentationViolation for malformed ELF files (#2799) 
Catch envi.exc.SegmentationViolation raised by vivisect when processing
malformed ELF files with invalid relocations and convert it to a
CorruptFile exception with a descriptive message.

Closes #2794

Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 12:24:48 -07:00
Aditya Pandey
3582bce6fd vmray: skip processes with invalid PID or missing filename (#2807) (#2845) 
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 12:11:26 -07:00
dependabot[bot]
535faf281d build(deps): bump protobuf from 6.33.1 to 6.33.5 (#2851) 
Bumps [protobuf](https://github.com/protocolbuffers/protobuf) from 6.33.1 to 6.33.5.
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-version: 6.33.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 10:55:26 -07:00
dependabot[bot]
fe27335136 build(deps): bump pip from 25.3 to 26.0 (#2847) 
Bumps [pip](https://github.com/pypa/pip) from 25.3 to 26.0.
- [Changelog](https://github.com/pypa/pip/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/pip/compare/25.3...26.0)

---
updated-dependencies:
- dependency-name: pip
  dependency-version: '26.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 10:53:55 -07:00
dependabot[bot]
a40ae162ef build(deps): bump dnfile from 0.17.0 to 0.18.0 (#2848) 
Bumps [dnfile](https://github.com/malwarefrank/dnfile) from 0.17.0 to 0.18.0.
- [Changelog](https://github.com/malwarefrank/dnfile/blob/master/HISTORY.rst)
- [Commits](https://github.com/malwarefrank/dnfile/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: dnfile
  dependency-version: 0.18.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 10:50:00 -07:00
dependabot[bot]
1500a34984 build(deps): bump rich from 14.2.0 to 14.3.2 (#2849) 
* build(deps): bump rich from 14.2.0 to 14.3.2

Bumps [rich](https://github.com/Textualize/rich) from 14.2.0 to 14.3.2.
- [Release notes](https://github.com/Textualize/rich/releases)
- [Changelog](https://github.com/Textualize/rich/blob/master/CHANGELOG.md)
- [Commits](https://github.com/Textualize/rich/compare/v14.2.0...v14.3.2)

---
updated-dependencies:
- dependency-name: rich
  dependency-version: 14.3.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* add hiddenimports for rich module

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-02-05 09:31:15 -07:00
Daniel Adeboye
77440c03f5 vmray: extract number features for registry key handles (#2835) 
* vmray: extract number features for whitelisted void_ptr parameters

* added changelog

* Apply suggestions from code review

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* fix lint

* fix lint

* fix test

* remove unused import

* Add hKey parameter extraction and tests

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2026-01-30 15:10:57 -07:00
Capa Bot
26fd6b8569 Sync capa rules submodule 2026-01-30 17:41:05 +00:00
Capa Bot
2540dd688b Sync capa rules submodule 2026-01-30 17:04:59 +00:00
Moritz
ff8e7ef52f Add AI usage checkbox (#2844) 
* Add AI usage checkbox

* Apply suggestion from @gemini-code-assist[bot]

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

---------

Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
 2026-01-29 09:12:54 -07:00
Capa Bot
6f078734c3 Sync capa rules submodule 2026-01-28 17:43:11 +00:00
Capa Bot
93c11d2d4e Sync capa-testfiles submodule 2026-01-28 16:22:42 +00:00
Capa Bot
89c71f4d81 Sync capa rules submodule 2026-01-26 16:41:20 +00:00
dependabot[bot]
9599fbac02 build(deps): bump setuptools from 80.9.0 to 80.10.1 (#2837) 
Bumps [setuptools](https://github.com/pypa/setuptools) from 80.9.0 to 80.10.1.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](https://github.com/pypa/setuptools/compare/v80.9.0...v80.10.1)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-version: 80.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-23 12:41:04 -07:00
dependabot[bot]
b4c0f1369e build(deps): bump pycparser from 2.23 to 3.0 (#2838) 
Bumps [pycparser](https://github.com/eliben/pycparser) from 2.23 to 3.0.
- [Release notes](https://github.com/eliben/pycparser/releases)
- [Commits](https://github.com/eliben/pycparser/compare/release_v2.23...release_v3.00)

---
updated-dependencies:
- dependency-name: pycparser
  dependency-version: '3.0'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-23 12:37:46 -07:00
Daniel Adeboye
37f2a897ff tests: remove redundant test_ida_features.py (#2834) 2026-01-23 09:46:58 -07:00
Maijin
e39e610f66 Create a vivisect group in dependabot.yml (#2830) 
* Add msgpack group in dependabot.yml

Add msgpack group in dependabot.yml

* Change to make a vivisect group

Change to make a vivisect group

* Update dependabot.yml
 2026-01-23 09:37:04 -07:00
Maijin
073760f279 fix(lint): disable rule caching during linting (#2817) 2026-01-22 09:27:02 -07:00
dependabot[bot]
52a761ebb3 build(deps-dev): bump lodash from 4.17.21 to 4.17.23 in /web/explorer (#2833) 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.17.23
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-22 08:56:03 -07:00
Moritz
2a44482076 Merge pull request #2821 from mandiant/dependabot/pip/mypy-protobuf-5.0.0 
build(deps-dev): bump mypy-protobuf from 4.0.0 to 5.0.0
 2026-01-20 10:31:57 +01:00
Moritz
a359745765 build(deps-dev): bump pyinstaller from 6.17.0 to 6.18.0 (#2822) 
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.17.0 to 6.18.0.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](https://github.com/pyinstaller/pyinstaller/compare/v6.17.0...v6.18.0)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-version: 6.18.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-20 10:31:35 +01:00
Maijin
203cc0aa0c Merge pull request #2824 from Maijin/patch-1 
Group pyasn modules and vivisect in dependabot.yml
 2026-01-20 10:18:35 +01:00
Moritz
3642ca94a6 Merge pull request #2820 from mandiant/dependabot/pip/vivisect-1.3.0 
build(deps): bump vivisect from 1.2.1 to 1.3.0
 2026-01-19 20:57:00 +01:00
dependabot[bot]
8e233ca69d build(deps-dev): bump pyinstaller from 6.17.0 to 6.18.0 
Bumps [pyinstaller](https://github.com/pyinstaller/pyinstaller) from 6.17.0 to 6.18.0.
- [Release notes](https://github.com/pyinstaller/pyinstaller/releases)
- [Changelog](https://github.com/pyinstaller/pyinstaller/blob/develop/doc/CHANGES.rst)
- [Commits](https://github.com/pyinstaller/pyinstaller/compare/v6.17.0...v6.18.0)

---
updated-dependencies:
- dependency-name: pyinstaller
  dependency-version: 6.18.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-19 16:45:40 +00:00
dependabot[bot]
d5c23486e3 build(deps-dev): bump mypy-protobuf from 4.0.0 to 5.0.0 
Bumps [mypy-protobuf](https://github.com/nipunn1313/mypy-protobuf) from 4.0.0 to 5.0.0.
- [Changelog](https://github.com/nipunn1313/mypy-protobuf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/nipunn1313/mypy-protobuf/commits)

---
updated-dependencies:
- dependency-name: mypy-protobuf
  dependency-version: 5.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-19 16:45:32 +00:00
dependabot[bot]
7600dd077b build(deps): bump vivisect from 1.2.1 to 1.3.0 
Bumps [vivisect](https://github.com/vivisect/vivisect) from 1.2.1 to 1.3.0.
- [Changelog](https://github.com/vivisect/vivisect/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/vivisect/vivisect/compare/v1.2.1...v1.3.0)

---
updated-dependencies:
- dependency-name: vivisect
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-01-19 16:45:26 +00:00
Moritz
3de84eff1b Merge pull request #2813 from doomedraven/patch-1 
Add '2.5-CAPE' to tested versions
 2026-01-16 20:28:39 +01:00
doomedraven
7e16ed741c Add '2.5-CAPE' to tested versions 
hello, we just released CAPE v2.5, there are no behavior/structural changes. Is focused on webgui improvements, and some other improvements that doesnt impact CAPA.
 2026-01-16 14:58:48 +00:00
Mike Hunhoff
5a5545aa14 ghidra: fix unit tests (#2812) 
* ghidra: fix unit tests

* fix formatting
 2026-01-15 12:34:43 -07:00
Moritz
6ad4fbbb9b Merge pull request #2742 from mandiant/idalib-tests 2026-01-13 21:48:30 +01:00
dependabot[bot]
8105214dc6 build(deps-dev): bump build from 1.3.0 to 1.4.0 (#2809) 
Bumps [build](https://github.com/pypa/build) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/pypa/build/releases)
- [Changelog](https://github.com/pypa/build/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pypa/build/compare/1.3.0...1.4.0)

---
updated-dependencies:
- dependency-name: build
  dependency-version: 1.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-13 09:08:58 -07:00
Willi Ballenthin
d1fc8446f6 pyproject: ida: silence SWIG related warnings from IDA bindings 2026-01-13 16:15:31 +01:00
Willi Ballenthin
0686305f43 ida: loader: load resource sections to help discovery of embedded files 2026-01-13 16:15:31 +01:00
Willi Ballenthin
8d6b878e79 ida: fix return value from open_database 2026-01-13 16:15:31 +01:00
Willi Ballenthin
3646fcefa2 ida: helpers: refactor discovery of alternative names 2026-01-13 16:15:31 +01:00
Willi Ballenthin
ce67d99e49 ida: skip function-name features for default names (sub_*) 2026-01-13 16:15:31 +01:00