Commit Graph

445 Commits

Author SHA1 Message Date
William Ballenthin 89edaf4c5c tests: xfail things that won't work on py3 2020-08-16 05:17:17 -06:00
William Ballenthin 295d3fee5d tests: limit tests to py2/py3 2020-08-16 05:03:57 -06:00
William Ballenthin 0af6386693 tests: fixtures: add ctxmgr for catching xfail 2020-08-16 05:03:23 -06:00
William Ballenthin 1873d0b7c5 *: py3 compat 2020-08-16 05:03:08 -06:00
William Ballenthin c032d556fb tests: freeze: make py3 compatible 2020-08-16 05:02:35 -06:00
William Ballenthin d7f1c23f4d tests: show found number of features when unexpected 2020-08-16 05:01:20 -06:00
William Ballenthin c1b7176e36 submodule: testfiles update 2020-08-14 13:34:43 -06:00
William Ballenthin 259a0a2007 tests: ida: remove old print 2020-08-14 13:15:22 -06:00
William Ballenthin eee565b596 tests: ida: tweak tests to fit IDA behavior 2020-08-14 13:10:38 -06:00
William Ballenthin 26061c25a5 tests: fixtures: add mapping from test data to md5 2020-08-14 12:58:08 -06:00
William Ballenthin 897da4237d tests: fixtures: remove lru_cache on some accessors 2020-08-14 12:48:19 -06:00
William Ballenthin 1923d479d8 tests: fixtures: fix name error 2020-08-14 12:35:30 -06:00
William Ballenthin 6b8bce4f42 tests: fixtures: factor out resolution of scope/sample 2020-08-14 12:34:00 -06:00
William Ballenthin 107a68628b tests: ida: attempt to use new framework (wip) 2020-08-14 12:22:59 -06:00
William Ballenthin 26c9811ba1 tests: viv: fix typo preventing some tests from running 2020-08-14 12:22:39 -06:00
William Ballenthin b784f086b4 tests: make fixtures more consistent in prep for other backends 2020-08-14 12:04:53 -06:00
William Ballenthin 8cbe3f8546 tests: move expected features into fixtures for reuse
closes #225
2020-08-14 11:25:00 -06:00
Ana María Martínez Gómez adaac03d1d extractor: remove characteristic(switch)
Get rid of the `characteristic(switch)` feature as any of our rules use
it and its analysis is not very easy. Analysis results most likely
differ across backends, leading to inconsistency.
2020-08-13 16:47:01 +02:00
Capa Bot e64277ed41 Sync capa-testfiles submodule 2020-08-12 23:26:45 +00:00
Willi Ballenthin 744b4915c9 Merge pull request #226 from fireeye/enhancement-223
IDA: resolve nested data references to strings/bytes
2020-08-12 09:05:11 -06:00
Capa Bot 15607d63ab Sync capa-testfiles submodule 2020-08-11 21:03:00 +00:00
Michael Hunhoff 70b4546c33 adding test for unmapped immediate data reference 2020-08-11 14:13:43 -06:00
Michael Hunhoff 791afd7ac8 adding code to emit number feature for unmapped immediate data reference 2020-08-11 14:12:41 -06:00
Michael Hunhoff 79d94144c6 adding IDA extractor code to resolve nested data references for string and bytes features 2020-08-11 08:44:44 -06:00
Capa Bot 7d62156a29 Sync capa-testfiles submodule 2020-08-11 07:12:56 +00:00
Capa Bot 23d31c3c2c Sync capa-testfiles submodule 2020-08-05 18:50:52 +00:00
William Ballenthin 4bb13d6075 tests: ida: fix offset arch test 2020-08-04 10:35:10 -06:00
William Ballenthin e74b80a318 extractors: ida: add helper method get_function 2020-08-04 10:32:24 -06:00
William Ballenthin e4acfd4852 merge 2020-08-04 09:48:26 -06:00
William Ballenthin f02412bcc5 tests: fix function address 2020-08-03 19:10:05 -06:00
William Ballenthin b09f29a996 features: viv: extract strings/bytes from nested pointers
closes #200
2020-08-03 17:35:29 -06:00
William Ballenthin b81b5e5993 rules: add support for arch flavors of Number and Offset features
closes #210
2020-08-03 16:28:47 -06:00
Capa Bot 9d069b11ba Sync capa-testfiles submodule 2020-08-03 16:04:03 +00:00
Capa Bot 52f9615d63 Sync capa-testfiles submodule 2020-07-31 21:17:04 +00:00
Capa Bot 6f689574d5 Sync capa-testfiles submodule 2020-07-31 15:43:08 +00:00
Capa Bot 96f207ca1f Sync capa-testfiles submodule 2020-07-29 21:13:21 +00:00
William Ballenthin c2bdeabeb8 submodule: testfiles update 2020-07-28 10:44:39 -06:00
Willi Ballenthin 137c0ca7f3 Merge pull request #209 from Ana06/statement-description
Enable descriptions for statement nodes
2020-07-28 10:02:07 -06:00
Capa Bot 01aa4755c5 Sync capa-testfiles submodule 2020-07-28 16:00:10 +00:00
Ana María Martínez Gómez 61818bbe04 tests: Test statement nodes descriptions
Add statement descriptions to `test_rule_yaml_descriptions` to ensure
rules with statement descriptions are parsed and extracted correctly.
2020-07-28 15:58:55 +02:00
Ana María Martínez Gómez a74ab922a3 Get rid of * for Statement
They are not needed and complicate the code and make it more difficult to
add more parameters to the initialization of Statements.

This produces many changes in the tests. The alternative would be to add
a parameter None in all of them, which are also a lot of changes.
2020-07-28 14:20:13 +02:00
Capa Bot 261713d0d1 Sync capa-testfiles submodule 2020-07-27 21:05:14 +00:00
William Ballenthin 7236283b2f tests: ida: address comments 2020-07-25 11:40:04 -06:00
William Ballenthin 2fa2a98ae1 pep8 2020-07-25 10:26:57 -06:00
William Ballenthin 352d6f26fc tests: ida: ensure they all pass
closes #202
2020-07-25 10:10:25 -06:00
William Ballenthin 1a1caf76fa add test_ida_features 2020-07-25 01:41:23 -06:00
William Ballenthin c91f9a375e ida: parse offsets as signed numbers
closes #197
2020-07-25 00:58:44 -06:00
William Ballenthin 682bb14b99 submodule: testfiles update 2020-07-24 15:23:34 -06:00
William Ballenthin 12cff3599a submodule: testfiles update 2020-07-23 17:20:16 -06:00
Capa Bot 20673a3166 Sync capa-testfiles submodule 2020-07-23 17:27:15 +00:00