gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-01-09 11:45:20 -08:00
Code Issues Packages Projects Releases Wiki Activity
619 Commits 41 Branches 48 Tags
adaac03d1d46d4c31003506eef4e50be4a38ef3b
Commit Graph

619 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ana María Martínez Gómez
adaac03d1d extractor: remove characteristic(switch) 
Get rid of the `characteristic(switch)` feature as any of our rules use
it and its analysis is not very easy. Analysis results most likely
differ across backends, leading to inconsistency.
 2020-08-13 16:47:01 +02:00
Capa Bot
199cccaef9 Sync capa rules submodule 2020-08-12 23:27:17 +00:00
Capa Bot
e64277ed41 Sync capa-testfiles submodule 2020-08-12 23:26:45 +00:00
Willi Ballenthin
744b4915c9 Merge pull request #226 from fireeye/enhancement-223 
IDA: resolve nested data references to strings/bytes
 2020-08-12 09:05:11 -06:00
Capa Bot
5d9ccf1f76 Sync capa rules submodule 2020-08-11 21:04:09 +00:00
Capa Bot
15607d63ab Sync capa-testfiles submodule 2020-08-11 21:03:00 +00:00
Willi Ballenthin
362db6898a Merge pull request #230 from fireeye/enhancement-immediate-memory-reference-as-number 
adding support to emit number features for unmapped immediate memory references
 2020-08-11 14:59:26 -06:00
Michael Hunhoff
70b4546c33 adding test for unmapped immediate data reference 2020-08-11 14:13:43 -06:00
Michael Hunhoff
791afd7ac8 adding code to emit number feature for unmapped immediate data reference 2020-08-11 14:12:41 -06:00
Capa Bot
6f352283e6 Sync capa-testfiles submodule 2020-08-11 19:36:17 +00:00
Capa Bot
db85fbab4f Sync capa rules submodule 2020-08-11 14:54:42 +00:00
mike-hunhoff
20cc23adc5 Merge pull request #228 from fireeye/bugfix-explorer-display-arch-decorator 
explorer: adding support to display arch decorator on numbers/offsets
 2020-08-11 07:50:08 -07:00
Michael Hunhoff
828819e13f switching to iterative solution for data reference search 2020-08-11 08:45:20 -06:00
Michael Hunhoff
79d94144c6 adding IDA extractor code to resolve nested data references for string and bytes features 2020-08-11 08:44:44 -06:00
Michael Hunhoff
c46a1d2b44 black format changes 2020-08-11 08:26:48 -06:00
Capa Bot
7a18fbf9d4 Sync capa rules submodule 2020-08-11 07:19:00 +00:00
Capa Bot
7d62156a29 Sync capa-testfiles submodule 2020-08-11 07:12:56 +00:00
Michael Hunhoff
def8130a24 adding support to display arch decorator on numbers/offsets 2020-08-10 18:27:37 -06:00
Capa Bot
f7cd52826e Sync capa rules submodule 2020-08-05 18:51:51 +00:00
Capa Bot
23d31c3c2c Sync capa-testfiles submodule 2020-08-05 18:50:52 +00:00
Willi Ballenthin
732b47e845 changelog: fix @mike-hunhoff handle 2020-08-05 08:20:34 -06:00
Willi Ballenthin
12076eeda2 Merge pull request #222 from fireeye/release-v1.1.0 
draft v1.1.0 release
v1.1.0 		2020-08-05 08:11:08 -06:00
Willi Ballenthin
9af55292ab changelog: fix feature name 2020-08-04 21:56:54 -06:00
Willi Ballenthin
9943de0746 Merge pull request #219 from fireeye/fix-218 
ida: use a local context for cache instead of global
 2020-08-04 21:55:50 -06:00
Capa Bot
1c3da73324 Sync capa rules submodule 2020-08-05 03:18:55 +00:00
William Ballenthin
a7484b9dbe changelog: add download text 2020-08-04 16:28:49 -06:00
William Ballenthin
ea72454d74 init changelog 2020-08-04 16:27:43 -06:00
William Ballenthin
183f533efd version: bump to v1.1.0 2020-08-04 15:50:13 -06:00
Willi Ballenthin
715c38b4ff Merge pull request #221 from fireeye/fix-199 
setup: bump viv version
 2020-08-04 13:07:32 -06:00
William Ballenthin
fd92165f29 setup: bump viv version 2020-08-04 13:06:52 -06:00
Willi Ballenthin
36c26ab6ee Merge pull request #220 from fireeye/fix-178 
ci: enable pyinstaller builds upon gh release tagged
v1.1.0-rc1 		2020-08-04 12:24:17 -06:00
William Ballenthin
9778a1de18 ci: build standalone exe upon release 2020-08-04 12:05:02 -06:00
William Ballenthin
328f27511b ci: build standalone exe upon release 2020-08-04 12:04:15 -06:00
William Ballenthin
9751c66565 ci: demonstrate capa runs against test file 2020-08-04 11:56:05 -06:00
William Ballenthin
32e293f78f ci: checkout submodules for rules 2020-08-04 11:53:13 -06:00
William Ballenthin
61afeb1b78 ci: upload artifacts upon build 2020-08-04 11:49:26 -06:00
William Ballenthin
0606666e08 ci: run capa on itself to demonstrate rules work 2020-08-04 11:44:41 -06:00
William Ballenthin
ae276d27ab ci: configure win/macos os 2020-08-04 11:39:44 -06:00
William Ballenthin
dd74fae160 ci: attempt to configure gh actions for pyinstaller 2020-08-04 11:31:33 -06:00
William Ballenthin
4bb13d6075 tests: ida: fix offset arch test 2020-08-04 10:35:10 -06:00
William Ballenthin
6aa17782b7 extractors: ida: fix method signature 2020-08-04 10:33:45 -06:00
William Ballenthin
e74b80a318 extractors: ida: add helper method get_function 2020-08-04 10:32:24 -06:00
William Ballenthin
f993efb8f4 extractors: ida: cache data using shared context not globals 
attempts to close #218
 2020-08-04 10:23:47 -06:00
Willi Ballenthin
f670c25027 Merge pull request #216 from fireeye/fix-210 
rules: add support for arch flavors of Number and Offset features
 2020-08-04 10:14:03 -06:00
William Ballenthin
8b7a8b0956 rules: address comments in #216 2020-08-04 10:10:52 -06:00
William Ballenthin
e4acfd4852 merge 2020-08-04 09:48:26 -06:00
Willi Ballenthin
cab4cfa0e0 Merge pull request #217 from fireeye/fix-200 
features: viv: extract strings/bytes from nested pointers
 2020-08-04 09:41:14 -06:00
Capa Bot
e5921e9267 Sync capa rules submodule 2020-08-04 14:35:08 +00:00
William Ballenthin
f02412bcc5 tests: fix function address 2020-08-03 19:10:05 -06:00
William Ballenthin
c3b848183d Revert "ci: use pytest-xdist for parallel testing" 
This reverts commit 7458014b21.
 2020-08-03 17:56:28 -06:00