gitea-mirror/capa
1
0
Fork 0
mirror of https://github.com/mandiant/capa.git synced 2026-02-04 19:12:01 -08:00
Code Issues Packages Projects Releases Wiki Activity
1,635 Commits 47 Branches 48 Tags
b066af9506918fddc00a2ff6b830de67f90656a2
Commit Graph

87 Commits

Author SHA1 Message Date
William Ballenthin
d61ff0c69f changelog 2021-06-10 00:08:00 -06:00
William Ballenthin
6b4d7266e6 changelog 2021-06-09 22:23:06 -06:00
Capa Bot
23354ec452 Sync capa rules submodule 2021-06-09 09:19:50 +00:00
Capa Bot
f698f4e79b Sync capa rules submodule 2021-06-09 08:08:12 +00:00
Moritz
c05a8bf910 Merge pull request #620 from fireeye/fix-619 
correctly render negative numbers and offsets
 2021-06-09 10:03:04 +02:00
William Ballenthin
0508d31a35 changelog 2021-06-08 11:10:40 -06:00
Michael Hunhoff
84d2f9f324 fix 616 2021-06-08 10:16:54 -06:00
Capa Bot
f9bad7e5e4 Sync capa rules submodule 2021-06-08 14:17:39 +00:00
Capa Bot
700259eab6 Sync capa rules submodule 2021-06-07 07:45:04 +00:00
Capa Bot
3f51e787e4 Sync capa rules submodule 2021-06-07 06:19:37 +00:00
Moritz
b21b041dab Merge pull request #608 from fireeye/fix-605 
fix 605
 2021-06-07 08:16:16 +02:00
William Ballenthin
3c4388e280 changelog 2021-06-04 11:48:03 -06:00
Ana Maria Martinez Gomez
6ffa5ef53e changelog: fix number of new rules 
This was caused by a bug in the GH action which updates this number
automatically:
https://github.com/fireeye/capa-rules/pull/405
 2021-06-04 19:47:57 +02:00
Ana María Martínez Gómez
e737595339 Merge pull request #604 from Ana06/lint_changelog 
ci: lint CHANGELOG
 2021-06-04 13:33:11 +02:00
Moritz
32e0a5dce2 Merge pull request #598 from fireeye/render/json-attck-fields 
parse att&ck for output doc
 2021-06-02 16:54:31 +02:00
Ana Maria Martinez Gomez
f304bdbd20 ci: lint CHANGELOG 
The sync GH action in capa-rules relies on a single '- *$' in the
CHANGELOG file. Check in the tests that this is the case to avoid that
it is removed.

This happened in the following PR:
https://github.com/fireeye/capa/pull/591
This caused that the new rules in the following PR were not added to the
CHANGELOG:
https://github.com/fireeye/capa-rules/pull/400
 2021-06-02 12:42:48 +02:00
Ana Maria Martinez Gomez
1a3286beda ci: fix CHANGELOG 
The `-` used by the GitHub actions which updates the rules in the
CHANGELOG was removed in:
https://github.com/fireeye/capa/pull/591
Consequently the new rules added in the last pull request were not added
to the CHANGELOG:
https://github.com/fireeye/capa-rules/pull/400
 2021-06-02 12:12:48 +02:00
Moritz Raabe
94089ff43f parse att&ck for output doc 2021-06-02 10:37:19 +02:00
Capa Bot
8f1ce68e96 Sync capa rules submodule 2021-06-01 17:51:43 +00:00
Willi Ballenthin
8c3605c886 Merge branch 'master' into feature-590 2021-06-01 11:50:40 -06:00
Willi Ballenthin
2756c05889 Merge branch 'master' into feature-159 2021-06-01 11:17:41 -06:00
William Ballenthin
6d08695b38 Merge branch 'master' of github.com:fireeye/capa into feature-590 2021-05-31 09:54:33 -06:00
Moritz Raabe
de96bb763b address code review 2021-05-28 16:52:17 +02:00
Willi Ballenthin
ed02088c82 detect (and short circuit) file limitations at file scope (#586) 
* smda: move pe carve into helpers

* smda: simplify test parametrization/xfail

* extractors: add pefile extractor for file scope features

* pep8

* main: bail early on file limitation detected at file scope

closes #583

* changelog
 2021-05-28 08:14:44 -06:00
Ana María Martínez Gómez
b3fff51002 Merge pull request #584 from Ana06/changelog-GA 
ci: Reject PRs without CHANGELOG update
 2021-05-28 12:09:06 +02:00
Ana Maria Martinez Gomez
84b0bc6439 changelog: Add #584 to CHANGELOG 2021-05-28 11:08:05 +02:00
Willi Ballenthin
bd63ded1dd file scope API features (#568) 
* smda: minor unrelated fixes

* file features: extract API features at file scope for library functions

closes #567

* changelog

* ida: add file-scope API feature

Co-authored-by: mike-hunhoff <mike.hunhoff@gmail.com>

* fix lints from pylance

* features: use "function-name" for recognized linked functions

* pep8

* pep8

* rules: remove incorrect feature scope

* tests: xfail SMDA tests relying on function id

* tests: fixtures: order tests by sample, ideally improving memory usage

* pep8

* pep8

* smda: xfail two more tests

Co-authored-by: mike-hunhoff <mike.hunhoff@gmail.com>
 2021-05-27 12:59:00 -06:00
William Ballenthin
56efb2adfe changelog 2021-05-27 10:28:41 -06:00
William Ballenthin
0a226e8b01 main: use rule scope internal/limitation/file for file limitations, not 
code

closes #390
 2021-05-27 09:18:55 -06:00
Capa Bot
f0fb5fb346 Sync capa rules submodule 2021-05-26 21:03:50 +00:00
Capa Bot
342497b72f Sync capa rules submodule 2021-05-26 07:31:49 +00:00
Moritz Raabe
204d8b36df add or/optional lint and colors 
closes #348
 2021-05-25 16:32:47 +02:00
Capa Bot
a79a547682 Sync capa rules submodule 2021-05-24 15:25:44 +00:00
Capa Bot
bd9812cee4 Sync capa rules submodule 2021-05-24 15:22:21 +00:00
Willi Ballenthin
4cada67b21 Merge branch 'master' into feature-571 2021-05-21 11:14:22 -06:00
Willi Ballenthin
0a203b54cd changelog 2021-05-21 11:13:48 -06:00
Moritz
91f914f5c0 Merge pull request #562 from fireeye/lib-meta-info 
improve progress bar output
 2021-05-21 16:47:52 +02:00
Capa Bot
72da8f3aed Sync capa rules submodule 2021-05-21 07:12:57 +00:00
Moritz Raabe
a8e353fe31 revert rule loading pbar 2021-05-20 14:00:01 +02:00
Moritz Raabe
8a386b6909 improve progress bar output 2021-05-20 13:56:29 +02:00
Ana Maria Martinez Gomez
83606bbc0f changelog: convert capa rules to YARA rules 
Add https://github.com/fireeye/capa/pull/561 to CHANGELOG.
 2021-05-20 11:25:24 +02:00
Moritz
caaeded278 Merge pull request #563 from fireeye/ci/lint-statement-children 
lint statements for single child statements
 2021-05-20 10:41:41 +02:00
Willi Ballenthin
dcf4a056ee show-features: skip library functions (#570) 
* show-features: skip library functions

closes #569

* changelog
 2021-05-20 10:34:48 +02:00
Moritz Raabe
586726fb13 lint statements for single child statements 2021-05-19 18:25:14 +02:00
Capa Bot
760867b81e Sync capa rules submodule 2021-05-17 15:00:45 +00:00
Capa Bot
abeaac0675 Sync capa rules submodule 2021-05-17 10:14:49 +00:00
Capa Bot
8f9f792930 Sync capa rules submodule 2021-05-17 08:36:26 +00:00
Moritz
495a270c99 Update CHANGELOG.md 2021-05-11 16:32:54 +02:00
Capa Bot
fa0809685e Sync capa rules submodule 2021-05-11 11:10:45 +00:00
Ana Maria Martinez Gomez
188966a94b changelog: support multiple authors 
GH didn't support multiple authors, producing a breaking entry in the
last update. Correct the entry and mention the fix in the CHANGELOG.

https://github.com/fireeye/capa/issues/555
 2021-05-11 12:48:30 +02:00