William Ballenthin
9fa128b27d
tests: freeze: make py3 compatible
2020-08-16 00:05:04 -06:00
William Ballenthin
c623791a84
tests: lancelot: use common harness from fixtures
2020-08-15 23:32:50 -06:00
William Ballenthin
8721eb05eb
tests: show found number of features when unexpected
2020-08-15 23:32:13 -06:00
William Ballenthin
15259d455c
Merge branch 'master' into backend-lancelot
2020-08-15 21:52:28 -06:00
William Ballenthin
c1b7176e36
submodule: testfiles update
2020-08-14 13:34:43 -06:00
William Ballenthin
259a0a2007
tests: ida: remove old print
2020-08-14 13:15:22 -06:00
William Ballenthin
eee565b596
tests: ida: tweak tests to fit IDA behavior
2020-08-14 13:10:38 -06:00
William Ballenthin
26061c25a5
tests: fixtures: add mapping from test data to md5
2020-08-14 12:58:08 -06:00
William Ballenthin
897da4237d
tests: fixtures: remove lru_cache on some accessors
2020-08-14 12:48:19 -06:00
William Ballenthin
1923d479d8
tests: fixtures: fix name error
2020-08-14 12:35:30 -06:00
William Ballenthin
6b8bce4f42
tests: fixtures: factor out resolution of scope/sample
2020-08-14 12:34:00 -06:00
William Ballenthin
107a68628b
tests: ida: attempt to use new framework (wip)
2020-08-14 12:22:59 -06:00
William Ballenthin
26c9811ba1
tests: viv: fix typo preventing some tests from running
2020-08-14 12:22:39 -06:00
William Ballenthin
b784f086b4
tests: make fixtures more consistent in prep for other backends
2020-08-14 12:04:53 -06:00
William Ballenthin
8cbe3f8546
tests: move expected features into fixtures for reuse
closes #225
2020-08-14 11:25:00 -06:00
William Ballenthin
fb19841997
Merge branch 'master' into backend-lancelot
2020-08-13 17:24:28 -06:00
William Ballenthin
caf738ee4e
lancelot: implement indirect call resolution
2020-08-13 13:22:50 -06:00
William Ballenthin
5c967cd6ef
lancelot: insn: calls to/from
2020-08-13 12:39:32 -06:00
Ana María Martínez Gómez
adaac03d1d
extractor: remove characteristic(switch)
Get rid of the `characteristic(switch)` feature as any of our rules use
it and its analysis is not very easy. Analysis results most likely
differ across backends, leading to inconsistency.
2020-08-13 16:47:01 +02:00
Capa Bot
e64277ed41
Sync capa-testfiles submodule
2020-08-12 23:26:45 +00:00
Willi Ballenthin
744b4915c9
Merge pull request #226 from fireeye/enhancement-223
IDA: resolve nested data references to strings/bytes
2020-08-12 09:05:11 -06:00
Capa Bot
15607d63ab
Sync capa-testfiles submodule
2020-08-11 21:03:00 +00:00
Michael Hunhoff
70b4546c33
adding test for unmapped immediate data reference
2020-08-11 14:13:43 -06:00
Michael Hunhoff
791afd7ac8
adding code to emit number feature for unmapped immediate data reference
2020-08-11 14:12:41 -06:00
Michael Hunhoff
79d94144c6
adding IDA extractor code to resolve nested data references for string and bytes features
2020-08-11 08:44:44 -06:00
Capa Bot
7d62156a29
Sync capa-testfiles submodule
2020-08-11 07:12:56 +00:00
William Ballenthin
a59e1054fe
tests: lancelot: feature counts
2020-08-10 19:04:29 -06:00
William Ballenthin
bdf6b69be6
lancelot: insn: indirect call
2020-08-10 18:45:58 -06:00
William Ballenthin
fdd6f7434b
lancelot: insn: xsection flow and recursive calls
2020-08-10 18:40:45 -06:00
William Ballenthin
21adb2b9d1
tests: lancelot: formatting
2020-08-10 18:16:14 -06:00
William Ballenthin
5929c0652c
lancelot: insn: fs/gs
2020-08-10 18:15:10 -06:00
William Ballenthin
c2f55fad12
tests: lancelot: construct assert message
2020-08-10 18:05:08 -06:00
William Ballenthin
695f1bf55a
lancelot: insn: strings
2020-08-10 17:23:19 -06:00
William Ballenthin
10f5a54e1d
lancelot: insn: bytes
2020-08-10 17:08:28 -06:00
William Ballenthin
042654ee97
lancelot: insn: mnemonic
2020-08-10 13:50:46 -06:00
William Ballenthin
1da450001c
lancelot: insn: offset
2020-08-10 13:47:43 -06:00
William Ballenthin
7996e2efe7
tests: lancelot: remove old tests
2020-08-10 11:51:48 -06:00
William Ballenthin
5eded3c5cc
lancelot: insn: implement API features
2020-08-10 11:49:37 -06:00
William Ballenthin
fcb8c4a293
tests: lancelot: override parametrize for better naming
2020-08-09 15:46:34 -06:00
William Ballenthin
4e6b475ff6
tests: lancelot: add number tests
2020-08-08 13:55:52 -06:00
William Ballenthin
02a8ad1ea4
tests: add more lancelot feature tests
2020-08-08 13:52:22 -06:00
William Ballenthin
43c6eec30b
extractors: begin to implement lancelot backend
2020-08-08 12:48:56 -06:00
Capa Bot
23d31c3c2c
Sync capa-testfiles submodule
2020-08-05 18:50:52 +00:00
William Ballenthin
4bb13d6075
tests: ida: fix offset arch test
2020-08-04 10:35:10 -06:00
William Ballenthin
e74b80a318
extractors: ida: add helper method get_function
2020-08-04 10:32:24 -06:00
William Ballenthin
e4acfd4852
merge
2020-08-04 09:48:26 -06:00
William Ballenthin
f02412bcc5
tests: fix function address
2020-08-03 19:10:05 -06:00
William Ballenthin
b09f29a996
features: viv: extract strings/bytes from nested pointers
closes #200
2020-08-03 17:35:29 -06:00
William Ballenthin
b81b5e5993
rules: add support for arch flavors of Number and Offset features
closes #210
2020-08-03 16:28:47 -06:00
Capa Bot
9d069b11ba
Sync capa-testfiles submodule
2020-08-03 16:04:03 +00:00