gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-26 04:41:13 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,682 Commits 45 Branches 48 Tags
7bce20212202fc2ff28cca56071c6d555256bb0e
Commit Graph

157 Commits

Author SHA1 Message Date
William Ballenthin
40c7401f0a pep8 2021-06-15 12:28:45 -06:00
William Ballenthin
a7ebd5a309 Merge branch 'master' of github.com:fireeye/capa into fix-507 2021-06-15 12:28:17 -06:00
William Ballenthin
7f03db9fe4 main: dont save .viv by default, unless CAPA_SAVE_WORKSPACE set 
closes #507
 2021-06-15 12:24:01 -06:00
William Ballenthin
ae2baebf6c import-to-bn: dont import * 2021-06-14 11:02:20 -06:00
William Ballenthin
aca6ad2f52 scripts: fix types 2021-06-14 10:41:44 -06:00
William Ballenthin
83909b2be4 *: remove explicit object super class 
closes #635
 2021-06-14 08:47:09 -06:00
William Ballenthin
954ed3a408 pep8 2021-06-09 22:22:03 -06:00
William Ballenthin
ac59e50b5f move capa/features/__init__.py logic to common.py 
also cleanup imports across the board,
thanks to pylance.
 2021-06-09 22:20:53 -06:00
William Ballenthin
766dcacdbe move logic out of capa/render/__init__.py 2021-06-09 18:06:51 -06:00
William Ballenthin
fc9ad6c737 move extractors/ida/__init__.py logic to extractor.py 2021-06-09 17:55:44 -06:00
William Ballenthin
2706a7171e linter: fix match namespace handling 
closes #601
 2021-06-01 11:38:05 -06:00
Moritz Raabe
204d8b36df add or/optional lint and colors 
closes #348
 2021-05-25 16:32:47 +02:00
Willi Ballenthin
4cada67b21 Merge branch 'master' into feature-571 2021-05-21 11:14:22 -06:00
Arnim Rupp
7759d2dd79 Update capa2yara.py 2021-05-21 17:04:16 +02:00
Arnim Rupp
73f121cf03 Update capa2yara.py 
bugfix: https://github.com/fireeye/capa-rules/blob/master/collection/get-geographical-location.yml hit an far too many files with /\bcity opposed to the intention of the capa rule ti just hit in function names. changed to /\x00city.
 2021-05-21 16:51:14 +02:00
Moritz
caaeded278 Merge pull request #563 from fireeye/ci/lint-statement-children 
lint statements for single child statements
 2021-05-20 10:41:41 +02:00
Willi Ballenthin
dcf4a056ee show-features: skip library functions (#570) 
* show-features: skip library functions

closes #569

* changelog
 2021-05-20 10:34:48 +02:00
William Ballenthin
9b1400c23a pep8 2021-05-19 16:14:37 -06:00
William Ballenthin
60d77759f2 Merge branch 'feature-571' of github.com:fireeye/capa into feature-571 2021-05-19 16:14:09 -06:00
Willi Ballenthin
5fc705856d Merge branch 'master' into feature-571 2021-05-20 16:40:37 -06:00
William Ballenthin
0a1adb99e0 lint: cleanup handling of nursery rules further 2021-05-19 16:13:45 -06:00
William Ballenthin
3eef034a94 lint: better handling of nursery rule summary 2021-05-19 16:06:07 -06:00
Moritz Raabe
586726fb13 lint statements for single child statements 2021-05-19 18:25:14 +02:00
Arnim Rupp
7b62b589f7 Create capa2yara.py (#561) 
* Create capa2yara.py

* Update capa2yara.py

    isort --profile black --length-sort --line-width 120

    black -l 120

* Update scripts/capa2yara.py

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

Co-authored-by: Arnim Rupp <46819580+2d4d@users.noreply.github.com>
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2021-05-19 18:01:04 +02:00
William Ballenthin
ff88393248 linter: summarize status at end 
closes #571
 2021-05-18 15:19:34 -06:00
William Ballenthin
14abb7d4f6 pep8 2021-04-27 13:41:59 -06:00
William Ballenthin
bd92933030 show-features: accept signatures or use default 2021-04-27 13:27:59 -06:00
William Ballenthin
249332a9dd lint: load default sigs 2021-04-27 13:22:45 -06:00
William Ballenthin
9ca1a7ebb6 extractors: do cast-to-int correctly 2021-04-27 13:07:27 -06:00
William Ballenthin
c79f461e39 Merge branch 'master' into function-id-flirt 2021-04-26 09:47:42 -06:00
Moritz Raabe
d1cd4ef259 move auto format check 2021-04-09 11:59:30 +02:00
Ana Maria Martinez Gomez
dfb7cf4888 py3: set and document env 
Document how to use env now that we are Python3 only. Adapt
`scripts/ci.sh`.
 2021-04-07 18:20:07 +02:00
Michael Hunhoff
e51c79c241 adding lint for incorrect rule string format, refined rendering for strings 2021-03-23 15:55:48 -06:00
Michael Hunhoff
7bf8c6e3a1 merging upstream 2021-03-22 10:33:36 -06:00
Moritz Raabe
8719a23de4 dos2unix 2021-03-19 09:40:44 +01:00
Moritz Raabe
7e0b5236af better deal with CRLF/LF issues 2021-03-19 09:40:43 +01:00
Moritz Raabe
c7798b3254 ensure LF end of line 2021-03-19 09:40:43 +01:00
William Ballenthin
1ee7b7b856 merge master 2021-03-05 15:23:47 -07:00
William Ballenthin
063e1229bc pep8 2021-03-05 11:10:12 -07:00
William Ballenthin
eacd70329a merge from master, sorry 2021-03-05 11:06:40 -07:00
William Ballenthin
3a1d5d068c scripts: use common argument handler 
closes #449
 2021-03-05 10:58:40 -07:00
William Ballenthin
bdea61f93b scripts: remove old migration script 2021-03-05 10:57:14 -07:00
William Ballenthin
6006e87c5e pep8 2021-03-05 09:40:43 -07:00
William Ballenthin
a3e6d1b611 scripts: add helper to show function id matches 2021-03-05 08:38:02 -07:00
William Ballenthin
d3caecc551 pep8 2021-03-04 18:06:06 -07:00
William Ballenthin
c2a4629c62 scripts: add cli arguments to specify signatures 2021-03-04 15:04:33 -07:00
Ana Maria Martinez Gomez
40ed2f39a4 Make backend a required parameter in get_extractor 
Make the `backend` argument required in the `get_extractor` internal
routine. Specify a backend in the scripts which call this function. Add
a CLI backend option in capa/features/freeze.py as well.
 2021-03-03 17:36:50 +01:00
Ana Maria Martinez Gomez
2da2f498a2 Add script to compare vivisect Python 2 vs 3 
Compare the performance of vivisect Python 2 vs 3 by counting the number
of feature of each type extracted for every binary in `tests/data`.
Render the ones that perform bad (under a threshold - 98) and the total
performance. Render also the running time per binary for both Python 2 and 3.

From this result, it seems that vivisect behaves properly with Python3.
 2021-03-03 17:36:50 +01:00
Ana Maria Martinez Gomez
d28ba3c628 Make backend a required parameter in get_extractor 
Make the `backend` argument required in the `get_extractor` internal
routine. Specify a backend in the scripts which call this function. Add
a CLI backend option in capa/features/freeze.py as well.
 2021-02-25 10:04:19 +01:00
Ana Maria Martinez Gomez
adcb683458 Add script to compare vivisect Python 2 vs 3 
Compare the performance of vivisect Python 2 vs 3 by counting the number
of feature of each type extracted for every binary in `tests/data`.
Render the ones that perform bad (under a threshold - 98) and the total
performance. Render also the running time per binary for both Python 2 and 3.

From this result, it seems that vivisect behaves properly with Python3.
 2021-02-25 09:35:40 +01:00