Capa Bot
7ab8dbbd4e
Sync capa-testfiles submodule
2024-02-05 09:31:34 +00:00
Moritz
2c93c5fc83
lint: get backend from format (#1964)
* get backend from format
* add lint.py script test
* create FakeArgs object
* adjust EOL handling in lints
---------
Co-authored-by: Willi Ballenthin <wballenthin@google.com>
2024-02-01 11:33:16 +01:00
Willi Ballenthin
c3301d3b3f
refactor main for ease of integration (#1948)
* main: split main into a bunch of "main routines"
[wip] since there are a few references to BinExport2
that are in progress elsewhere. Next commit will remove them.
* main: remove references to wip BinExport2 code
* changelog
* main: rename first positional argument "input_file"
closes #1946
* main: linters
* main: move rule-related routines to capa.rules
ref #1821
* main: extract routines to capa.loader module
closes #1821
* add loader module
* loader: learn to load freeze format
* freeze: use new cli arg handling
* Update capa/loader.py
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
* main: remove duplicate documentation
* main: add doc about where some functions live
* scripts: migrate to new main wrapper helper functions
* scripts: port to main routines
* main: better handle auto-detection of backend
* scripts: migrate bulk-process to main wrappers
* scripts: migrate scripts to main wrappers
* main: rename *_from_args to *_from_cli
* changelog
* cache-ruleset: remove duplication
* main: fix tag handling
* cache-ruleset: fix cli args
* cache-ruleset: fix special rule cli handling
* scripts: fix type bytes
* main: remove old TODO message
* loader: fix references to binja extractor
---------
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-01-29 13:59:05 +01:00
mr-tz
1a44e899cb
verify target file type and warn user
2024-01-18 12:33:28 +01:00
Mike Hunhoff
f37b598010
fix: do not trim api names that include :: (#1897)
2024-01-08 10:59:24 -07:00
Blas
7584e4a5e6
dotnet: emit enclosing class information for nested classes (#1913)
* Update helpers.py
* Update helpers.py
* TypeRef correction in helpers.py
* Fixed TypeRef to proper functionality
* Accounts for TypeRef updated tuple
* Corrected TypeDef tuple creation in helpers.py
* Update types.py
* Update types.py
* Create helpers_draft.py
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update helper functions, variables, and draft further implementations
* Update helpers.py
* Update types.py
* Directly access TypeDef and TypeRef tables
* Update helpers.py
* Update helpers.py
* Delete capa/features/extractors/dnfile/helpers_draft.py
* Update types.py
* Update dotnetfile.py
* Update types.py comment
* Clean extract_file_class_features in dotnetfile.py
* Cleaned up callers, var names, and other small items
* Update dotnetfile.py
* Clean up caller logic in dotnetfile.py
* Clean up callers and update helper logic in helpers.py
* Linter corrections for types.py
* Linter corrections for dotnetfile.py
* Linter corrections and caller functions cleanup for helpers.py
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update capa/features/extractors/dnfile/helpers.py
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
* Update helpers.py
* Update dotnetfile.py
* Update tuple type in types.py
* Update dotnetfile.py
* Update return value annotations in helpers.py
* Linting update types.py
* Linting update dotnetfile.py
* Added unit tests to fixtures.py
* Update types.py
* Linting fix for types.py
* Update CHANGELOG.md
* Small changes to return types in helpers.py
---------
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
2024-01-05 10:09:38 -07:00
Capa Bot
62474c764a
Sync capa-testfiles submodule
2024-01-05 14:24:40 +00:00
Capa Bot
037a97381c
Sync capa-testfiles submodule
2024-01-04 08:16:43 +00:00
Capa Bot
ef65f14260
Sync capa-testfiles submodule
2024-01-03 16:36:36 +00:00
Mike Hunhoff
d6f7d2180f
dotnet: combine dnfile_.py and dotnetfile.py (#1895)
2023-12-07 14:06:54 -07:00
mr-tz
51ddadbc87
fix symbol generation, ordinals
2023-12-03 17:49:54 +02:00
Willi Ballenthin
93cfb6ef8c
sync testfiles submodule
2023-11-29 13:46:29 +00:00
Willi Ballenthin
82013f0e24
submodule: tests: data: sync
2023-11-14 10:35:18 +00:00
Moritz
1acc2d1959
Merge branch 'dynamic-feature-extraction' into fix/issue-1816
2023-11-08 16:56:05 +01:00
Willi Ballenthin
7678897334
tests: fix render tests
2023-11-06 10:32:44 +00:00
Willi Ballenthin
eb12ec43f0
mypy
2023-11-06 09:52:00 +00:00
Yacine
0097822e51
Merge pull request #1820 from yelhamer/capabilities-module
add a capabilities module
2023-10-27 13:39:49 +02:00
Yacine Elhamer
3572b512d9
test_capabilities.py: add missing test_com_feature_matching() test
2023-10-20 20:11:08 +02:00
Willi Ballenthin
9e6919f33c
layout: capture call names
so that they can be rendered to output
2023-10-20 14:21:13 +00:00
mr-tz
99042f232d
fix parsing base 10/16
2023-10-20 15:26:11 +02:00
Willi Ballenthin
ee4f02908c
layout: capture process name
2023-10-20 12:38:35 +00:00
Moritz
c9df78252a
Ignore DLL names for API features (#1824)
* ignore DLL name for api features
* keep DLL name for import features
* fix tests
2023-10-20 13:39:15 +02:00
Willi Ballenthin
fc4618e234
Merge branch 'dynamic-feature-extraction' into fix/dynamic-freeze
2023-10-20 09:16:07 +02:00
Willi Ballenthin
bfecf414fb
freeze: add dynamic tests
2023-10-20 06:59:34 +00:00
Yacine
0ae8f34aff
Merge branch 'dynamic-feature-extraction' into capabilities-module
2023-10-20 08:55:49 +02:00
Yacine Elhamer
96fb204d9d
move capa.features.capabilities to capa.capabilities, and update scripts
2023-10-20 09:54:24 +02:00
Moritz
b8b55f4e19
identify potential JSON object data start (#1819)
* identify potential JSON object data start
2023-10-19 17:17:57 +02:00
Willi Ballenthin
fbeb33a91f
Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto
2023-10-19 10:05:26 +00:00
Willi Ballenthin
3519125e03
tests: fix COM tests with dynamic scope
2023-10-19 10:04:26 +00:00
Willi Ballenthin
98360328f9
proto: fix serialization of call address
2023-10-19 09:59:18 +00:00
Willi Ballenthin
3d4facd9a3
Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto
2023-10-19 09:24:37 +00:00
Willi Ballenthin
8b0ba1e656
tests: rename freeze tests
2023-10-19 09:24:18 +00:00
Willi Ballenthin
7bc3fba7b0
Merge branch 'dynamic-feature-extraction' into fix/dynamic-proto
2023-10-19 09:20:15 +00:00
Willi Ballenthin
d5e187bc70
Merge branch 'master' into dynamic-feature-extraction
2023-10-19 09:15:57 +00:00
Yacine Elhamer
37caeb2736
capabilities: add a test file for the new capabilities module, and move the corresponding tests from main to there
2023-10-19 10:54:53 +02:00
Yacine Elhamer
5c48f38208
capa/main.py: add a capabilities module and move all of the capability extraction there
2023-10-19 10:39:14 +02:00
Yacine
9609d63f8a
Update tests/test_main.py
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2023-10-19 08:10:29 +02:00
Willi Ballenthin
1aac4a1a69
mypy
2023-10-17 14:42:58 +00:00
Willi Ballenthin
cb5fa36fc8
flake8
2023-10-17 11:44:48 +00:00
Willi Ballenthin
44d05f9498
dynamic: fix some tests
2023-10-17 11:41:40 +00:00
Willi Ballenthin
182a9868ca
merge master
2023-10-17 10:32:25 +00:00
Aayush Goel
412d296d6b
Merge branch 'mandiant:master' into Aayush-Goel-04/Issue#322
2023-10-16 16:38:18 +05:30
Aayush Goel
db32d90480
tests updated
2023-10-16 16:35:30 +05:30
Capa Bot
40ba6679f0
Sync capa-testfiles submodule
2023-10-11 14:36:05 +00:00
Yacine Elhamer
953b2e82d2
rendering: several fixes and added types/classes
2023-10-11 11:52:16 +02:00
Moritz
a9daa92c9a
Merge branch 'master' into Aayush-Goel-04/Issue#322
2023-10-09 18:22:46 +02:00
Willi Ballenthin
8a019aa360
Merge branch 'master' into test_binja_forwarded_export
2023-09-27 08:48:21 +02:00
Capa Bot
79cef0e783
Sync capa-testfiles submodule
2023-09-22 10:33:01 +00:00
Willi Ballenthin
09b54a86f0
Merge branch 'master' into test_binja_forwarded_export
2023-09-21 12:10:13 +02:00
Xusheng
55af6f052f
binja: add support for symtab names. Fix #1504
2023-09-21 17:24:42 +08:00