Commit Graph

402 Commits

Author SHA1 Message Date
Capa Bot
6764830f2d Sync capa-testfiles submodule 2022-07-08 18:59:42 +00:00
Capa Bot
9015761d4d Sync capa-testfiles submodule 2022-06-30 15:16:42 +00:00
Capa Bot
7387c56af9 Sync capa-testfiles submodule 2022-06-29 17:47:36 +00:00
Willi Ballenthin
91818a116d scripts/capa_as_library: use new ResultDocument
closes #1071
2022-06-28 15:53:37 -06:00
Moritz Raabe
a7c4761fef isort, black 2022-06-28 15:53:10 +02:00
Moritz Raabe
e2156c3854 refactor: parametrize test 2022-06-28 15:49:21 +02:00
Willi Ballenthin
a453258a51 tests: fix render test for MBC 2022-06-20 14:25:18 -06:00
Willi Ballenthin
246ef58e7b tests: fix render test for ATT&CK metadata 2022-06-20 14:24:01 -06:00
William Ballenthin
c417b5dd79 merge master 2022-06-14 17:05:46 -06:00
Willi Ballenthin
3103307601 tests: fix reference error 2022-06-10 14:58:26 -06:00
Capa Bot
c653dd7e72 Sync capa-testfiles submodule 2022-06-10 20:48:49 +00:00
Willi Ballenthin
1c771da848 pep8 2022-06-10 14:47:23 -06:00
William Ballenthin
c3418fddb5 tests: json: fix address representation 2022-06-08 13:29:04 -06:00
William Ballenthin
faf414e3d8 tests: add more dotnet tests 2022-06-08 13:28:53 -06:00
Willi Ballenthin
0987141970 tests: add tests demonstrating rendering of .NET samples 2022-06-06 15:13:20 -06:00
Willi Ballenthin
c73db051c1 fixtures: add path to extractors 2022-06-06 15:13:11 -06:00
Willi Ballenthin
1a290a38c4 Merge branch 'master' into feature-981 2022-06-06 14:07:51 -06:00
Moritz
d8e68255a0 Merge pull request #1044 from mandiant/fix/rules-meta-authors
fix!: authors instead of author
2022-06-01 14:12:31 +02:00
Capa Bot
781ec74310 Sync capa-testfiles submodule 2022-06-01 12:12:01 +00:00
Moritz Raabe
1df60186f0 fix!: authors instead of author 2022-05-31 23:05:13 +02:00
Mike Hunhoff
3514d5c05c dotnet: support file/function scope class and namespace features (#1030) 2022-05-26 11:19:31 -06:00
Willi Ballenthin
3879e33cce freeze: model each feature separately 2022-05-25 17:12:02 -06:00
Willi Ballenthin
6b633efdba freeze: fix schema to support overlapping functions 2022-05-25 15:28:02 -06:00
Willi Ballenthin
adb425aeb3 freeze: use pydantic for (de)serialization
also, move null extractor to its own namespace
2022-05-25 15:09:31 -06:00
Willi Ballenthin
b35fe6cdb2 json, render: work with and serialize addresses 2022-05-24 13:52:56 -06:00
Willi Ballenthin
d728869690 freeze: mypy and pep8 2022-05-24 13:52:40 -06:00
Willi Ballenthin
6b6dd70110 freeze: use address abstraction 2022-05-24 12:30:06 -06:00
Willi Ballenthin
314ad4ea4d Merge pull request #1028 from mandiant/fix-988
elf: better detect Linux OS
2022-05-23 11:29:13 -06:00
Moritz Raabe
b2853cc56b feat: update dnfile tests and extractor 2022-05-12 18:37:02 +02:00
Moritz Raabe
716a73dfb4 feat: add handles and type annotations 2022-05-12 15:42:25 +02:00
Capa Bot
cded1d3125 Sync capa-testfiles submodule 2022-05-12 06:35:04 +00:00
Willi Ballenthin
78e9280a93 Merge branch 'master' into feature-981 2022-05-11 13:20:48 -06:00
Willi Ballenthin
07e35780d3 Merge branch 'master' into fix-988 2022-05-11 13:10:45 -06:00
Willi Ballenthin
521cbf9104 pep8 2022-05-11 13:10:08 -06:00
Willi Ballenthin
a6427364e0 tests: add test demonstrating elf OS detection 2022-05-11 13:09:12 -06:00
Mike Hunhoff
0d849142ba dotnet: emit mixed mode characteristic (#1024) 2022-05-06 14:32:06 -06:00
Mike Hunhoff
6fb9dd961a dotnet: emit unmanaged call characteristic (#1023) 2022-05-06 13:05:48 -06:00
Mike Hunhoff
a9c9b3cea8 dotnet: extract file function names (#1015) 2022-05-06 08:34:50 -06:00
Mike Hunhoff
24c4215820 dotnet: add file string parsing (#1012) 2022-05-05 13:39:29 -06:00
Willi Ballenthin
808b7fb4dc dnfile: fix types 2022-04-08 18:33:12 -06:00
Willi Ballenthin
ed1009096d Merge branch 'master' of github.com:mandiant/capa into feature-981 2022-04-08 16:01:59 -06:00
Mike Hunhoff
580a2d7e45 dotnet: basic detection and feature extraction (#987) 2022-04-08 14:55:00 -06:00
Moritz
c8a772d19a test: update dotnet dirs and sync master (#984) 2022-04-08 09:34:22 -06:00
Capa Bot
5bc44aef0f Sync capa-testfiles submodule 2022-04-08 10:34:02 +00:00
Willi Ballenthin
8a2276f398 smda: implement operand number/offset features
cause it's not too hard
2022-04-07 12:48:25 -06:00
Moritz
65552575f8 Update dotnet-main (#979)
* Sync capa rules submodule

* Sync capa-testfiles submodule

* Sync capa rules submodule

* changelog

* *: remove /x32 and /x64 flavors from number and offset features

* *: remove more references to /x32 and /x64

* linter: accept instruction scope

* rules: fix max operand index (4)

* API: better support A/W functions

* vverbose: show lib rule matches

* main: accept multiple paths to rules

* main: fix removal of default rules path

* lint: fix rules path

* changelog

* capa_as_library: fix rules path is list now

* main: better handle multiple rules paths

* main: bail if python 3.6 or below

closes #964

* ida: readme: remove python 3.6 support

* capa2yara: fix rules paths

* render: meta: display rule paths on separate lines

closes #971

* render: verbose: add doc

* verbose: make rule path multiline more concise

* vverbose: don't show examples in output

closes #970

* vverbose: render subscope name, like "basic block:"

closes #963

* build(deps-dev): bump pytest from 7.0.1 to 7.1.1

Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.0.1 to 7.1.1.
- [Release notes](https://github.com/pytest-dev/pytest/releases)
- [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest/compare/7.0.1...7.1.1)

---
updated-dependencies:
- dependency-name: pytest
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* ci: build: update pip and setuptools

* ci: build: bump pyinstall to v4.10

* Sync capa rules submodule

* Dotnet mixed mode detect (#969)

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime metadata

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

* feat: detect mixed mode and tests

* feat: start dotnet detection (#955)

* feat: start dotnet detection

* Apply suggestions from code review

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* refactor: dn instead of dotnet

* refactor: format branches, extractor reorg

* refactor: format selection and dotnet detect

* feat: get format, arch, os

* refactor: log errors and exceptions

* ci: also test and build for dotnet-main dev

* fix: import path

* fix: circular dep

* fix: remove buf argument
feat: get runtime metadata

* fix: log unsupported runtime error

* fix: type ignore

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* fix: imports and add tests

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* test: checkout submodules recursively

Co-authored-by: Capa Bot <capa-dev@mandiant.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-07 17:45:29 +02:00
Willi Ballenthin
1c7b6bcf7d fixtures: use function that IDA doesn't recognize as lib func 2022-04-06 15:07:35 -06:00
Willi Ballenthin
b843cef986 tests: add tests for #320 2022-04-06 14:38:56 -06:00
Willi Ballenthin
0e95691cde tests: fixtures: enable assertions against instruction scope 2022-04-06 14:38:33 -06:00
Willi Ballenthin
55a5d10859 Merge pull request #961 from mandiant/feature-remove-flavors
remove /x32 and /x64 flavors of number and offset features
2022-04-06 12:57:18 -06:00