gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2025-12-28 13:43:55 -08:00
Code Issues Packages Projects Releases Wiki Activity
3,433 Commits 45 Branches 48 Tags
a40126aeff776b94de44c3dbbb7c66d5950ce924
Commit Graph

3433 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
William Ballenthin
c2bdeabeb8 submodule: testfiles update 2020-07-28 10:44:39 -06:00
Capa Bot
c8d16350b4 Sync capa rules submodule 2020-07-28 16:42:45 +00:00
Capa Bot
91bafed8e4 Sync capa rules submodule 2020-07-28 16:18:30 +00:00
Capa Bot
c10a9efea2 Sync capa rules submodule 2020-07-28 16:03:04 +00:00
Willi Ballenthin
137c0ca7f3 Merge pull request #209 from Ana06/statement-description 
Enable descriptions for statement nodes
 2020-07-28 10:02:07 -06:00
Capa Bot
01aa4755c5 Sync capa-testfiles submodule 2020-07-28 16:00:10 +00:00
Ana María Martínez Gómez
61818bbe04 tests: Test statement nodes descriptions 
Add statement descriptions to `test_rule_yaml_descriptions` to ensure
rules with statement descriptions are parsed and extracted correctly.
 2020-07-28 15:58:55 +02:00
Ana María Martínez Gómez
56bf6a8d79 Render description in vverbose mode for for statement nodes 
Implement it similarly as how it is rendered for features.
 2020-07-28 15:58:38 +02:00
Ana María Martínez Gómez
b3c89acda7 render: refactor render_statement in vverbose 
Avoid code repetition to make modifying this code easier.
 2020-07-28 15:58:37 +02:00
Ana María Martínez Gómez
bee91583e5 Enable descriptions for statement nodes 
Enable descriptions for statement nodes such as and and or.

Use of case in: fireeye/capa-rules/pull/51

Documentation should be added in capa-rules.
 2020-07-28 15:58:24 +02:00
Ana María Martínez Gómez
a74ab922a3 Get rid of * for Statement 
They are not needed and complicate the code and make more difficult to
add more parameters to the initialization of Statements.

This produces many changes in the tests. The alternative would be to add
a parameter None in all of them, which are also a lot of changes.
 2020-07-28 14:20:13 +02:00
Ana María Martínez Gómez
6060397944 render: Refactor convert_statement_to_result_document 
Avoid repeating code and make easier to modify.
 2020-07-28 14:20:11 +02:00
Capa Bot
863df5ad1f Sync capa rules submodule 2020-07-28 12:06:51 +00:00
Capa Bot
a735f29ea9 Sync capa rules submodule 2020-07-27 21:06:34 +00:00
Capa Bot
261713d0d1 Sync capa-testfiles submodule 2020-07-27 21:05:14 +00:00
Capa Bot
f27cee010a Sync capa rules submodule 2020-07-27 18:15:34 +00:00
Willi Ballenthin
ce83ff352c Merge pull request #208 from fireeye/fix-197 
support negative offset features (and add IDA tests)
 2020-07-27 11:41:04 -06:00
Ana María Martínez Gómez
3e3fb18deb black: Fix typo in import-to-bn.py 
Tests are broken in master
 2020-07-27 18:41:15 +02:00
Capa Bot
bfdd68c60a Sync capa rules submodule 2020-07-27 16:02:34 +00:00
Willi Ballenthin
14463de5e7 Merge pull request #207 from psifertex/master 
adding BN script
 2020-07-27 09:19:31 -06:00
Capa Bot
e44dc73ec2 Sync capa rules submodule 2020-07-27 13:16:02 +00:00
Jordan Wiens
f547ca0fae updates for pull 205 2020-07-25 22:45:51 -04:00
Willi Ballenthin
2c48a8a5fa Merge pull request #204 from psifertex/patch-1 
submodule update requires --init the first time
 2020-07-25 18:39:17 -06:00
Willi Ballenthin
a901f2e7ac license: fill in org name 
closes #206
 2020-07-25 18:37:36 -06:00
Jordan
508ebb47e0 submodule update requires --init the first time 2020-07-25 17:50:15 -04:00
Jordan Wiens
82b9514230 initial commit of BinaryNinja import script 2020-07-25 17:45:25 -04:00
William Ballenthin
7236283b2f tests: ida: address comments 2020-07-25 11:40:04 -06:00
William Ballenthin
b6c9540469 pep8 2020-07-25 10:29:21 -06:00
William Ballenthin
605ee00f0a scripts: bn: remove extra character 2020-07-25 10:28:11 -06:00
William Ballenthin
2fa2a98ae1 pep8 2020-07-25 10:26:57 -06:00
William Ballenthin
bf4d12e5b6 Merge branch 'master' into fix-197 2020-07-25 10:24:25 -06:00
William Ballenthin
352d6f26fc tests: ida: ensure they all pass 
closes #202
 2020-07-25 10:10:25 -06:00
William Ballenthin
554f5dfe46 ida: insn: don't ignore offset 0x0 2020-07-25 01:41:31 -06:00
William Ballenthin
1a1caf76fa add test_ida_features 2020-07-25 01:41:23 -06:00
William Ballenthin
308c78844d show-features: fix error when piping features to less 2020-07-25 00:59:32 -06:00
William Ballenthin
c91f9a375e ida: parse offsets as signed numbers 
closes #197
 2020-07-25 00:58:44 -06:00
Capa Bot
25ae7e9dda Sync capa rules submodule 2020-07-24 21:51:31 +00:00
William Ballenthin
e93e4efd6d submodule: rules update 2020-07-24 15:50:18 -06:00
William Ballenthin
21a918b005 Merge branch 'master' of github.com:fireeye/capa 2020-07-24 15:23:40 -06:00
William Ballenthin
682bb14b99 submodule: testfiles update 2020-07-24 15:23:34 -06:00
Capa Bot
872aa51796 Sync capa-testfiles submodule 2020-07-24 21:22:27 +00:00
mike-hunhoff
297ab66565 Merge pull request #192 from fireeye/bugfix-191 
fixes 191
 2020-07-24 08:59:14 -06:00
Ana María Martínez Gómez
e566095a85 Merge pull request #195 from fireeye/fix/no-progress-on-quiet 
fix: disable progress when run in quiet mode
 2020-07-24 11:38:59 +02:00
Michael Hunhoff
174263dc6c rollback black format changes 2020-07-24 11:12:53 +02:00
Michael Hunhoff
4c5a104055 fixes 191 2020-07-24 11:12:52 +02:00
Moritz Raabe
909639c629 fix: disable progress when run in quiet mode 2020-07-24 10:50:50 +02:00
Ana María Martínez Gómez
41a8199770 Merge pull request #187 from Ana06/documentation 2020-07-24 10:32:32 +02:00
Ana María Martínez Gómez
f3e2abf467 doc: Improve issue templates 
Add some useful information, correct small mistakes and simplify the
templates. Make also both templates consistent.
 2020-07-24 10:24:35 +02:00
Ana María Martínez Gómez
0665873b00 doc: Improve cloning capa source code documentation 
Move the cloning all submodule option to the beginning as when using
capa in development this is the most common option. Test files are
needed to run the tests locally. Simplify the rest of the submodules
documentation, as it is easier for people to look the submodule
documentation than for us to maintain a copy. The submodule init step
shouldn't be needed to clone the rules directory.
 2020-07-24 10:24:34 +02:00
Ana María Martínez Gómez
aa2eb7771c doc: Document supported Linux distributions 
Document for which Linux distributions the standalone Linux binary
works.
 2020-07-24 10:24:31 +02:00