gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 11:07:53 -08:00
Code Issues Packages Projects Releases Wiki Activity
4,671 Commits 47 Branches 48 Tags
8f0eb5676e0f2c0c91caeff89fa7d5ce7c1d91b1
Commit Graph

4671 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
mr-tz
8f0eb5676e only check and display file limitation once 2023-11-28 15:00:47 +01:00
mr-tz
890c879e7c only check and display file limitation once 2023-11-27 13:28:36 +01:00
mr-tz
f201ef1d22 actually get global feature values 2023-11-27 13:28:06 +01:00
Willi Ballenthin
a870c92a2f sync submodule rules 2023-11-15 11:00:51 +00:00
Willi Ballenthin
de5f08871e sync submodule rules 2023-11-15 10:57:16 +00:00
Willi Ballenthin
987eb2d358 sync rules submodule 2023-11-14 14:34:08 +00:00
Willi Ballenthin
6e3fff4bae use latest rules migration 2023-11-14 14:29:34 +00:00
Willi Ballenthin
a705bf9eab Merge pull request #1825 from mandiant/fix/issue-1816 
verbose: show process name and other human-level details
 2023-11-14 12:33:41 +01:00
Willi Ballenthin
c68c68d5cb Merge branch 'dynamic-feature-extraction' into fix/issue-1816 2023-11-14 11:36:24 +01:00
Willi Ballenthin
82013f0e24 submodule: tests: data: sync 2023-11-14 10:35:18 +00:00
Moritz
dee0aa73eb Merge pull request #1844 from mandiant/mr-tz-patch-1 
fix whitespace removal in format check
 2023-11-11 19:53:44 +01:00
Moritz
41a397661f fix whitespace removal in format check 2023-11-10 11:40:55 +01:00
Moritz
52997e70a0 fix imports according to ruff 2023-11-08 16:58:40 +01:00
Moritz
1acc2d1959 Merge branch 'dynamic-feature-extraction' into fix/issue-1816 2023-11-08 16:56:05 +01:00
Willi Ballenthin
a52af3895a verbose: remove TODOs 2023-11-06 10:37:22 +00:00
Willi Ballenthin
5d31bc462b verbose: render dynamic match locations 2023-11-06 10:34:26 +00:00
Willi Ballenthin
7678897334 tests: fix render tests 2023-11-06 10:32:44 +00:00
Willi Ballenthin
75ff58edaa vverbose: better render pid/tid/call index 2023-11-06 10:09:23 +00:00
Willi Ballenthin
eb12ec43f0 mypy 2023-11-06 09:52:00 +00:00
Willi Ballenthin
f7c72cd1c3 vverbose: don't repeat rendered calls when in call scope 2023-11-06 09:52:00 +00:00
Willi Ballenthin
0da614aa4f vverbose: dynamic: show rendered matching API call 2023-11-06 09:52:00 +00:00
Willi Ballenthin
9c81ccf88a vverbose: make missing names an error 2023-11-06 09:52:00 +00:00
Willi Ballenthin
c141f7ec6e verbose: better render scopes 2023-11-06 09:52:00 +00:00
Willi Ballenthin
274a710bb1 report: better compute dynamic layout 2023-11-06 09:52:00 +00:00
Willi Ballenthin
4a7e488e4c Update capa/render/vverbose.py 
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
 2023-11-01 12:19:13 +01:00
Yacine
0097822e51 Merge pull request #1820 from yelhamer/capabilities-module 
add a capabilities module
 2023-10-27 13:39:49 +02:00
Yacine Elhamer
e559cc27d5 capa.rules: remove redundant ceng.MatchResults import 2023-10-26 19:43:26 +02:00
Yacine Elhamer
a0cec3f07d capa.rules: remove redundant is_internal_rule() and has_file_limitations() from capa source code 2023-10-26 19:41:09 +02:00
Moritz
db53424548 Merge pull request #1826 from mandiant/fix-model-hexint 
fix parsing base 10/16
 2023-10-23 09:02:21 +02:00
Yacine Elhamer
8029fed31c Merge branch 'capabilities-module' of https://github.com/yelhamer/capa into capabilities-module 2023-10-20 20:11:28 +02:00
Yacine Elhamer
3572b512d9 test_capabilities.py: add missing test_com_feature_matching() test 2023-10-20 20:11:08 +02:00
Yacine Elhamer
ab06c94d80 capa/main.py: move has_rule_with_namespace() to capa.rules.RuleSet 2023-10-20 20:10:29 +02:00
Willi Ballenthin
9e6919f33c layout: capture call names 
so that they can be rendered to output
 2023-10-20 14:21:13 +00:00
mr-tz
99042f232d fix parsing base 10/16 2023-10-20 15:26:11 +02:00
Willi Ballenthin
393b0e63f0 layout: capture process name 2023-10-20 12:39:28 +00:00
Willi Ballenthin
ee4f02908c layout: capture process name 2023-10-20 12:38:35 +00:00
Moritz
c9df78252a Ignore DLL names for API features (#1824) 
* ignore DLL name for api features

* keep DLL name for import features

* fix tests
 2023-10-20 13:39:15 +02:00
Willi Ballenthin
788251ba2b vverbose: render scope for humans 2023-10-20 11:37:42 +00:00
Willi Ballenthin
62d4b008c5 Merge pull request #1822 from mandiant/fix/dynamic-freeze 
update freeze for dynamic
 2023-10-20 13:16:48 +02:00
Yacine Elhamer
aae72667a3 Merge branch 'capabilities-module' of https://github.com/yelhamer/capa into capabilities-module 2023-10-20 10:16:41 +02:00
Yacine Elhamer
d6c5d98b0d move is_file_limitation_rule() to the rules module (Rule class) 2023-10-20 10:16:09 +02:00
Yacine Elhamer
d5ae2ffd91 capa.capabilities: move has_file_limitations() from capa.main to the capabilities module 2023-10-20 10:15:20 +02:00
Yacine Elhamer
96fb204d9d move capa.features.capabilities to capa.capabilities, and update scripts 2023-10-20 09:54:24 +02:00
Yacine
20604c4b41 Update capa/capabilities/static.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:28:13 +02:00
Yacine
423d942bd0 Update capa/capabilities/dynamic.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:28:05 +02:00
Yacine
f9b87417e6 Update capa/capabilities/common.py 
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2023-10-20 09:27:58 +02:00
Willi Ballenthin
fc4618e234 Merge branch 'dynamic-feature-extraction' into fix/dynamic-freeze 2023-10-20 09:16:07 +02:00
Willi Ballenthin
1143f2ba56 changelog 2023-10-20 07:11:42 +00:00
Willi Ballenthin
10dc4b92b1 freeze: update freeze format v3 2023-10-20 06:59:53 +00:00
Willi Ballenthin
bfecf414fb freeze: add dynamic tests 2023-10-20 06:59:34 +00:00