gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-22 15:16:22 -08:00
Code Issues Packages Projects Releases Wiki Activity
4,192 Commits 45 Branches 48 Tags
5ffb6ca0cdabd1962b02c22f23ff2d78f459280a
Commit Graph

146 Commits

Author SHA1 Message Date
Willi Ballenthin
85f151303a merge 2023-08-07 08:40:03 +00:00
Willi Ballenthin
a538a7bbab linter: skip native API check for more UEFI routines 2023-08-02 12:55:22 +00:00
Willi Ballenthin
ab5c8b1129 linter: skip native API check for NtEnumerateSystemEnvironmentValuesEx 2023-08-02 12:49:17 +00:00
Willi Ballenthin
04fbcbbbd3 linter: skip native API check for NtProtectVirtualMemory 
closes #1675
 2023-08-02 12:36:42 +00:00
Yacine Elhamer
e38e56ccf6 Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' into sync-1657 2023-07-20 09:33:48 +01:00
Willi Ballenthin
c86ab51210 fix copyright headers everywhere 2023-07-13 05:03:33 +02:00
Willi Ballenthin
65e8300145 introduce flake8-simplify 2023-07-12 11:40:44 +02:00
Yacine Elhamer
4ee38cbe29 fix linting issues 2023-07-11 14:52:04 +01:00
Yacine Elhamer
f86ecfe446 Merge remote-tracking branch 'parentrepo/dynamic-feature-extraction' into analysis-flavor 2023-07-11 10:43:31 +01:00
Aayush Goel
1baa7a5e4b flake8 checks resolved 2023-07-11 02:30:09 +05:30
Aayush Goel
ef39bc3c3a Merged Changes from PR #1591 2023-07-11 01:14:38 +05:30
Aayush Goel
8e346cb411 Merge branch 'Aayush-Goel-04/Issue#1534' of https://github.com/Aayush-Goel-04/capa into Aayush-Goel-04/Issue#1534 2023-07-11 00:59:21 +05:30
Yacine Elhamer
917dd8b0db Update scripts/lint.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-07-10 15:58:17 +01:00
Willi Ballenthin
7fe738e28f introduce flake8-no-implicit-concat linter 2023-07-09 22:18:01 +02:00
Willi Ballenthin
54203f3be9 introduce flake8-logging-format linter 2023-07-09 22:11:46 +02:00
Aayush Goel
673af45c55 Update args.sample type to Path and str vs as_posix comparisons 2023-07-09 16:02:28 +05:30
Aayush Goel
e0ed8c6e04 Resolved the suggestions. 2023-07-08 13:51:41 +05:30
Aayush Goel
ef9b0737a8 Merge branch 'master' into Aayush-Goel-04/Issue#1534 2023-07-07 12:05:57 +05:30
Aayush Goel
14924174c5 convert str(path) usage to path.as_posix() to get str format of Path 
Update fixtures.py
 2023-07-07 12:03:05 +05:30
Aayush Goel
edeb458b33 some more changes 2023-07-07 12:03:05 +05:30
Willi Ballenthin
13a8e252f0 introduce flake8-comprehensions 2023-07-06 20:04:27 +02:00
Willi Ballenthin
982dc46623 add flake8-bugbear linter 2023-07-06 19:30:51 +02:00
Yacine Elhamer
0c56291e4a update linter 2023-07-06 17:50:57 +01:00
Yacine Elhamer
c916e3b07f update the linter 2023-07-06 17:27:45 +01:00
Willi Ballenthin
47074fd129 fix ruff issues 2023-07-06 17:49:40 +02:00
Willi Ballenthin
23ed0a5d9d main: don't leave behind traces of the progress bar 2023-07-05 19:06:33 +02:00
Aayush Goel
275386806d Add redirect print to capa main 2023-05-17 23:57:52 +05:30
Willi Ballenthin
1f3582c9c3 mypy 2023-03-21 16:45:24 +01:00
manasghandat
5128638071 code style: update lint.py (#1352) 
* code style: update lint.py
 2023-03-09 07:28:47 +01:00
Moritz
6a222a6139 Update black (#1307) 
* build(deps-dev): bump black from 22.12.0 to 23.1.0

Bumps [black](https://github.com/psf/black) from 22.12.0 to 23.1.0.
- [Release notes](https://github.com/psf/black/releases)
- [Changelog](https://github.com/psf/black/blob/main/CHANGES.md)
- [Commits](https://github.com/psf/black/compare/22.12.0...23.1.0)

---
updated-dependencies:
- dependency-name: black
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* reformat black 23.1.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-07 15:50:15 +01:00
Willi Ballenthin
61112c2527 lint: fix pbar counts 2023-01-21 20:16:49 +01:00
Willi Ballenthin
67cfefd2df main: get_rules: remove progress bar 2023-01-21 19:38:23 +01:00
Willi Ballenthin
6ad471a914 Merge branch 'master' into rules-cache 2023-01-20 14:51:32 +01:00
Willi Ballenthin
476ffabae9 rules: cache the ruleset to disk 
ref: #1212
 2023-01-20 14:50:00 +01:00
Moritz
fa0ddba436 add format to global features and code refactors (#1284) 
* refactor: get format handling

* add format to global features
 2023-01-19 13:31:00 +01:00
Josh Soref
9e3a48aa8d spelling: globally 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2023-01-04 00:32:39 -05:00
Willi Ballenthin
b819033da0 lots of mypy 2022-12-14 10:37:39 +01:00
Willi Ballenthin
1caeb248ca pylint: fix old-style super calls 2022-12-06 16:02:21 +00:00
Mike Hunhoff
449c64d80b update scripts/lint.py to validate rule metadata using pydantic (#1141) 2022-08-12 08:26:39 -06:00
Anushka Virgaonkar
6e9676e0be fix #1095 (#1098) 2022-07-08 15:41:42 -06:00
Moritz
38668b2c4a fix: use DnfileFeatureExtractor (#1088) 
closes #1087
 2022-07-05 07:53:47 +02:00
Willi Ballenthin
8b7ddc5679 linter: expect file path "dotnet" for ".NET" rules 
ref: https://github.com/mandiant/capa-rules/pull/568#discussion_r908718249
 2022-06-28 10:48:03 -06:00
Moritz Raabe
9bf582a89a feat: lint check value types 
closes #1027
 2022-06-28 12:53:31 +02:00
Willi Ballenthin
1a290a38c4 Merge branch 'master' into feature-981 2022-06-06 14:07:51 -06:00
Willi Ballenthin
867662ba5a rules: remove unused rule-category meta 2022-06-06 13:43:44 -06:00
Moritz Raabe
1df60186f0 fix!: authors instead of author 2022-05-31 23:05:13 +02:00
Willi Ballenthin
4ae4bab254 lint: use meta.authors 2022-05-26 12:02:47 -06:00
Willi Ballenthin
9236a36ef4 rule: factor out is subscope check 2022-05-26 10:24:31 -06:00
Mike Hunhoff
580a2d7e45 dotnet: basic detection and feature extraction (#987) 2022-04-08 14:55:00 -06:00
Moritz
65552575f8 Update dotnet-main (#979) 
* Sync capa rules submodule

* Sync capa-testfiles submodule

* Sync capa rules submodule

* changelog

* *: remove /x32 and /x64 flavors from number and offset features

* *: remove more references to /x32 and /x64

* linter: accept instruction scope

* rules: fix max operand index (4)

* API: better support A/W functions

* vverbose: show lib rule matches

* main: accept multiple paths to rules

* main: fix removal of default rules path

* lint: fix rules path

* changelog

* capa_as_library: fix rules path is list now

* main: better handle multiple rules paths

* main: bail if python 3.6 or below

closes #964

* ida: readme: remove python 3.6 support

* capa2yara: fix rules paths

* render: meta: display rule paths on separate lines

closes #971

* render: verbose: add doc

* verbose: make rule path multiline more concise

* vverbose: don't show examples in output

closes #970

* vverbose: render subscope name, like "basic block:"

closes #963

* build(deps-dev): bump pytest from 7.0.1 to 7.1.1

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.0.1...7.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci: build: update pip and setuptools

* ci: build: bump pyinstall to v4.10

* Sync capa rules submodule

* Dotnet mixed mode detect (#969)

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

* feat: detect mixed mode and tests

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime meta data

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* test: checkout submodules recursively

Co-authored-by: Capa Bot <capa-dev@mandiant.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-07 17:45:29 +02:00