Commit Graph

64 Commits

Author / SHA1 / Message / Date
William Ballenthin
b09f29a996 features: viv: extract strings/bytes from nested pointers
closes #200
2020-08-03 17:35:29 -06:00
Capa Bot
9d069b11ba Sync capa-testfiles submodule 2020-08-03 16:04:03 +00:00
Capa Bot
52f9615d63 Sync capa-testfiles submodule 2020-07-31 21:17:04 +00:00
Capa Bot
6f689574d5 Sync capa-testfiles submodule 2020-07-31 15:43:08 +00:00
Capa Bot
96f207ca1f Sync capa-testfiles submodule 2020-07-29 21:13:21 +00:00
William Ballenthin
c2bdeabeb8 submodule: testfiles update 2020-07-28 10:44:39 -06:00
Willi Ballenthin
137c0ca7f3 Merge pull request #209 from Ana06/statement-description
Enable descriptions for statement nodes
2020-07-28 10:02:07 -06:00
Capa Bot
01aa4755c5 Sync capa-testfiles submodule 2020-07-28 16:00:10 +00:00
Ana María Martínez Gómez
61818bbe04 tests: Test statement nodes descriptions
Add statement descriptions to `test_rule_yaml_descriptions` to ensure
rules with statement descriptions are parsed and extracted correctly.
2020-07-28 15:58:55 +02:00
Ana María Martínez Gómez
a74ab922a3 Get rid of * for Statement
They are not needed and complicate the code and make it more difficult to
add more parameters to the initialization of Statements.

This produces many changes in the tests. The alternative would be to add
a parameter None in all of them, which are also a lot of changes.
2020-07-28 14:20:13 +02:00
Capa Bot
261713d0d1 Sync capa-testfiles submodule 2020-07-27 21:05:14 +00:00
William Ballenthin
7236283b2f tests: ida: address comments 2020-07-25 11:40:04 -06:00
William Ballenthin
2fa2a98ae1 pep8 2020-07-25 10:26:57 -06:00
William Ballenthin
352d6f26fc tests: ida: ensure they all pass
closes #202
2020-07-25 10:10:25 -06:00
William Ballenthin
1a1caf76fa add test_ida_features 2020-07-25 01:41:23 -06:00
William Ballenthin
c91f9a375e ida: parse offsets as signed numbers
closes #197
2020-07-25 00:58:44 -06:00
William Ballenthin
682bb14b99 submodule: testfiles update 2020-07-24 15:23:34 -06:00
William Ballenthin
12cff3599a submodule: testfiles update 2020-07-23 17:20:16 -06:00
Capa Bot
20673a3166 Sync capa-testfiles submodule 2020-07-23 17:27:15 +00:00
Capa Bot
662a750c71 Sync capa-testfiles submodule 2020-07-22 21:37:43 +00:00
William Ballenthin
baeea5b6ec *: update license header to reference Apache 2.0
closes #173
2020-07-22 15:05:24 -06:00
Capa Bot
c5626b695b Sync capa-testfiles submodule 2020-07-22 18:07:40 +00:00
Capa Bot
f383181fed Sync capa-testfiles submodule 2020-07-17 17:34:44 +00:00
Ana María Martínez Gómez
07764fb31f Use isort 5
Run `isort --profile black --length-sort --line-width 120 .`

Update documentation as well.
2020-07-16 22:02:53 +02:00
William Ballenthin
f1fa4e134a submodule: testfiles update 2020-07-15 19:11:39 -06:00
Ana María Martínez Gómez
78dae308c2 Add test for RegExp descriptions
Now that RegExp are a feature, ensure that descriptions are working.
2020-07-15 22:37:38 +02:00
William Ballenthin
3faf175da7 *: add license header
closes #144
2020-07-15 14:14:53 -06:00
William Ballenthin
61264bc500 submodule: update 2020-07-14 09:06:59 -06:00
William Ballenthin
867de57062 main: find_capabilities: extract feature counts per item, too
closes #95
closes #96
2020-07-03 10:12:03 -06:00
William Ballenthin
5317e1e11e feature extractor: null: add get_base_address()
closes #88
2020-07-03 09:32:37 -06:00
Michael Hunhoff
d5a8c844db remove format changes added by black 2020-07-03 12:30:33 -06:00
Michael Hunhoff
f09e683ef5 removing stale imports 2020-07-03 12:24:17 -06:00
Moritz
6730eb1c5e Merge pull request #83 from fireeye/fix-count-bb
fix #78 count bb
2020-07-03 08:55:09 +02:00
William Ballenthin
a50bd4c394 pep8 2020-07-02 15:51:08 -06:00
William Ballenthin
9ad52da6d0 add test for #78 2020-07-02 15:50:56 -06:00
Moritz Raabe
8b5f58bf31 ensure string feature values are strings, tests 2020-07-02 23:44:39 +02:00
William Ballenthin
612eefe2e8 dos2unix 2020-07-02 11:08:21 -06:00
William Ballenthin
8f7cb6dad0 pep8 2020-07-02 11:01:18 -06:00
William Ballenthin
41c32013bb Merge branch 'master' into fmt-black 2020-07-02 11:00:14 -06:00
William Ballenthin
1188103d1c pep8: isort 2020-07-02 10:52:05 -06:00
Moritz Raabe
c37365f045 fix render, cleanup feature string display 2020-07-02 18:48:14 +02:00
William Ballenthin
5fda3c467f tests: fix freeze test that was broken during merge 2020-07-02 10:40:16 -06:00
William Ballenthin
c185e9ef09 pep8: black 2020-07-02 10:32:26 -06:00
William Ballenthin
db2b1caeae Merge branch 'master' into fmt-black 2020-07-02 10:25:24 -06:00
Ana María Martínez Gómez
152129cc25 Add tests for description feature
Test if the parsing of a feature succeeds with every type of description.
2020-07-02 16:50:28 +02:00
Ana María Martínez Gómez
64124c0b64 Remove True from Characteristic rules and output
Get rid of `True` in characteristic (rules, output and json) as it is
implicit. This way, the same syntax is used for characteristic as for
the rest of the features.

Co-authored-by: William Ballenthin <william.ballenthin@fireeye.com>
2020-07-02 16:50:15 +02:00
William Ballenthin
d23ef48bb6 pep8 2020-07-01 12:33:13 -06:00
William Ballenthin
9aba2eb3a5 rules: range: correct handling of range with min==0
closes #57
2020-06-30 00:44:22 -06:00
William Ballenthin
970977ade5 tests: demonstrate a bit more depth to namespace matching 2020-06-30 00:20:40 -06:00
William Ballenthin
e2296f0f40 Merge branch 'master' of github.com:fireeye/capa into match-namespaces 2020-06-30 00:18:44 -06:00