gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 19:12:01 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,433 Commits 47 Branches 48 Tags
a40126aeff776b94de44c3dbbb7c66d5950ce924
Commit Graph

408 Commits

Author SHA1 Message Date
Capa Bot
974d79f2be Sync capa rules submodule 2023-01-03 10:42:41 +00:00
Capa Bot
565b002bfe Sync capa rules submodule 2023-01-02 17:33:19 +00:00
Capa Bot
1dd5a8dbf2 Sync capa rules submodule 2023-01-02 17:31:53 +00:00
Mike Hunhoff
5f77200108 explorer: assume 32-bit displacement for offsets (#1250) 
* explorer: assume 32-bit displacement for offsets
 2022-12-29 07:08:10 -07:00
Mike Hunhoff
b68be0c2ce dotnet: emit namespace/class features for type references (#1242) 
* dotnet: emit namespace/class features for type references

* dotnet: pre-compute .NET token caches
 2022-12-21 15:59:29 -07:00
Mike Hunhoff
50490e6a93 dotnet: emit namespace/class features for ldvirtftn/ldftn instructions (#1241) 
* dotnet: emit namespace/class features for ldvirtftn/ldftn instructions

* dotnet: add unit tests for ldftn/ldvirtftn namespace/class features
 2022-12-20 13:29:29 -07:00
Mike Hunhoff
4ece47c64c dotnet: emit calls to/from MethodDef methods (#1236) 
* dotnet: emit calls to/from MethodDef methods

* dotnet: update function.py copyright header
 2022-12-19 15:06:16 -07:00
Mike Hunhoff
e0491097b0 dotnet: emit API features for generic methods (#1231) 
* dotnet: emit API features for generic methods

* dotnet: improve type checking

* dotnet: emit namespace/class features for generic methods

* dotnet: update for dnfile 0.13.0

* dotnet: refactor property extraction
 2022-12-19 14:45:21 -07:00
Mike Hunhoff
3af7fe0b08 dotnet: address unhandled exceptions through improved type checking (#1230) 
* dotnet: bump dncil version

* dotnet: check #US stream valid before access

* dotnet: use assert statements to guard types
 2022-12-15 12:55:57 -07:00
Willi Ballenthin
f79e16d1a6 Merge branch 'master' of https://github.com/mandiant/capa into williballenthin-patch-2 2022-12-15 10:07:36 +00:00
Willi Ballenthin
35243ef7a6 changelog 2022-12-13 13:23:46 +00:00
Mike Hunhoff
447cd95bc5 ida: add support for COFF and extern functions (#1223) 2022-12-12 16:36:44 -07:00
Capa Bot
b6911f8ad2 Sync capa rules submodule 2022-12-12 14:39:26 +00:00
Willi Ballenthin
7ba08edffa changelog 2022-12-09 16:09:41 +01:00
Capa Bot
bd84ee83a5 Sync capa rules submodule 2022-12-07 19:10:53 +00:00
Willi Ballenthin
b290690b19 Merge pull request #1216 from mandiant/fix/issue-1215 
add missing vverbose feature renderers
 2022-12-07 15:12:10 +01:00
Willi Ballenthin
fe2f668306 CHANGELOG 2022-12-07 13:41:10 +00:00
Willi Ballenthin
d1aafa3764 vverbose: render offset 
closes #1215
 2022-12-07 11:52:41 +00:00
Willi Ballenthin
0e73f26e88 CHANGELOG 2022-12-06 15:34:22 +00:00
Willi Ballenthin
236ad883d4 changelog 2022-12-05 15:13:16 +00:00
Capa Bot
5196caabb5 Sync capa rules submodule 2022-11-22 12:35:27 +00:00
Capa Bot
0d8c6cc0fd Sync capa rules submodule 2022-10-13 14:37:09 +00:00
Mike Hunhoff
20c7949be3 dotnet: emit features from newobj instruction (#1186) 2022-10-13 08:35:29 -06:00
Capa Bot
ac71676d79 Sync capa rules submodule 2022-10-07 15:40:27 +00:00
Capa Bot
70e6d83259 Sync capa rules submodule 2022-10-03 15:28:44 +00:00
Mike Hunhoff
e1735f0a5e update pydantic models to guarantee type coercion (#1176) 
* add CompoundStatement to fix Pydantic typing bug

* explorer: fix #1151

* explorer: support rendering operand number/offset
 2022-09-20 08:38:19 -06:00
Moritz
b1b15e2eef fix: do not overwrite __version__ (#1170) 2022-09-14 14:45:58 -06:00
Mike Hunhoff
3c1cd67f60 dotnet: support property feature extraction (#1168) 2022-09-09 12:09:41 -06:00
Moritz
2441c18a85 fix: use int instead of Token to decouple extractor and features (#1158) 2022-09-08 11:09:17 -06:00
Moritz
3976e5858d feat: verify rule metadata format on load (#1160) 2022-09-08 10:56:59 -06:00
Capa Bot
44843ea977 Sync capa rules submodule 2022-08-29 16:50:20 +00:00
Moritz
49684e4c25 fix: display instruction items (#1155) 
* fix: display instruction items

* fix: instruction item format
 2022-08-23 17:12:51 +02:00
Mike Hunhoff
47268c2344 render: convert feature attributes to aliased dictionary for vverbose (#1152) 2022-08-18 12:15:52 -06:00
Moritz
3c4141589d Release v4.0.1 (#1143) 
* update scripts/lint.py to validate rule metadata using pydantic (#1141)

* doc: v401

Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
 2022-08-15 13:26:39 +02:00
Moritz
c5f768accc Update document and version set in PyInstaller (#1140) 
* doc: update v4 resources

* tmp

* fix: set version #1136

* format: black

* comment version substring replacement
 2022-08-15 11:10:17 +02:00
Capa Bot
2e6671ff91 Sync capa rules submodule 2022-08-15 08:39:57 +00:00
Mike Hunhoff
449c64d80b update scripts/lint.py to validate rule metadata using pydantic (#1141) 2022-08-12 08:26:39 -06:00
Moritz
81cb4b31e1 Release v4.0.0 (#1105) 
* release: v4 prep

* add SMDA deprecation warning

* doc: update v4 changes

* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>

* doc: add DeprecationWarning

* fix: add __index__ method

* ci: test build run on more OSs

* explorer: update supported versions to include IDA 8.0

Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
Co-authored-by: Willi Ballenthin <willi.ballenthin@gmail.com>
 2022-08-10 15:32:52 +02:00
Capa Bot
63e0d903c7 Sync capa rules submodule 2022-08-09 10:35:39 +00:00
Mike Hunhoff
747eed4db7 render: display number feature as hex vverbose (#1097) 2022-07-08 10:37:41 -06:00
Capa Bot
28f32eebfc Sync capa rules submodule 2022-07-07 21:24:45 +00:00
Capa Bot
e63a9c801b Sync capa rules submodule 2022-07-07 19:40:55 +00:00
Capa Bot
0fbea75513 Sync capa rules submodule 2022-07-07 17:38:22 +00:00
Mike Hunhoff
4b3129e30a ida: bug fixes including #1090 for Address abstraction (#1091) 2022-07-07 09:54:20 -06:00
Capa Bot
21efdd2e0e Sync capa rules submodule 2022-07-06 19:36:29 +00:00
Capa Bot
ec81768fb5 Sync capa rules submodule 2022-07-05 15:37:24 +00:00
Capa Bot
7bd49b56c4 Sync capa rules submodule 2022-06-30 15:17:33 +00:00
Capa Bot
36eabc1c39 Sync capa rules submodule 2022-06-29 23:22:05 +00:00
Capa Bot
2f792427f9 Sync capa rules submodule 2022-06-29 17:55:13 +00:00
Capa Bot
82e8f8f090 Sync capa rules submodule 2022-06-28 21:34:02 +00:00