Michael Hunhoff
e1a8641399
fixes 462, default to empty string when accessing rule path stored in ida_settings
2021-03-09 12:09:35 -07:00
Capa Bot
cffac62e68
Sync capa rules submodule
2021-03-09 10:00:48 +00:00
Ana María Martínez Gómez
7a8c0572e9
Merge pull request #455 from Ana06/v1-6-0
v1.6.0
2021-03-09 10:48:01 +01:00
Ana Maria Martinez Gomez
5596d5f8b2
version: bump to v1.6.0
2021-03-09 10:36:26 +01:00
Ana Maria Martinez Gomez
06fd02cd61
changelog: v1.6.0
This release adds the capa explorer rule generator plugin for IDA Pro,
vivisect support for Python 3 and 12 new rules. We appreciate everyone
who opened issues, provided feedback, and contributed code and rules.
Thank you also to the vivisect development team (rakuy0, atlas0fd00m)
for the Python 3 support (v1.0.0) and the fixes for Python 2 (v0.2.1).
This is the last capa release which supports Python 2. The next
release will be Python 3 only.
2021-03-09 10:36:26 +01:00
Capa Bot
6b9d1047cf
Sync capa rules submodule
2021-03-08 19:39:47 +00:00
Ana Maria Martinez Gomez
a7b3fd72ca
changelog: v1.5.1
2021-03-08 20:09:31 +01:00
Ana María Martínez Gómez
dd3deb2358
Merge pull request #454 from fireeye/mr-tz-patch-1
setup: bump viv to 0.2.1
2021-03-08 11:36:18 +01:00
Moritz
c99fce3183
setup: bump viv to 0.2.1
2021-03-08 09:07:04 +01:00
William Ballenthin
4db6227d84
ci: build: test exe: run in debug mode to see messages
2021-03-05 15:49:31 -07:00
William Ballenthin
30e1d409dd
pyinstaller: package default signatures into standalone exe
2021-03-05 15:46:23 -07:00
William Ballenthin
ff8a6f1d57
main: use default signature set found in source directory
2021-03-05 15:45:56 -07:00
William Ballenthin
9b5d6f8df0
ci: enable test building of standalone exe in CI
2021-03-05 15:35:42 -07:00
William Ballenthin
1e8919c6e6
pep8
2021-03-05 15:27:44 -07:00
William Ballenthin
1ee7b7b856
merge master
2021-03-05 15:23:47 -07:00
Willi Ballenthin
3e55581bf7
Merge pull request #450 from fireeye/feature-refactor-args
refactor common cli argument handling
2021-03-05 15:07:50 -07:00
Willi Ballenthin
dfbe1418d4
Merge pull request #452 from fireeye/feature-py3-pyinstaller
pyinstaller: update for py3/pyinstaller 4.2
2021-03-05 15:06:47 -07:00
William Ballenthin
7671fca373
pep8
2021-03-05 13:27:16 -07:00
William Ballenthin
c01dde3fb2
ci: disable test building of pyinstaller upon push
2021-03-05 13:26:15 -07:00
William Ballenthin
bb17adeda2
pyinstaller: smda: collect capstone shared library
2021-03-05 13:23:15 -07:00
Willi Ballenthin
9f743f1c59
main: fix reference error
2021-03-05 13:19:54 -07:00
William Ballenthin
ee85c929da
pyinstaller: install capstone for smda
2021-03-05 12:59:21 -07:00
William Ballenthin
6f9c660082
ci: test pyinstaller CI
2021-03-05 12:55:19 -07:00
William Ballenthin
e02bb7f5a1
pep8
2021-03-05 12:53:50 -07:00
William Ballenthin
9aaaa044da
ci: use py3.9 and pyinstaller 4.2 to build standalone binaries
2021-03-05 12:52:38 -07:00
William Ballenthin
54da8444df
pyinstaller: update for py3/pyinstaller 4.2
closes #451
2021-03-05 12:40:21 -07:00
William Ballenthin
063e1229bc
pep8
2021-03-05 11:10:12 -07:00
William Ballenthin
eacd70329a
merge from master, sorry
2021-03-05 11:06:40 -07:00
William Ballenthin
3a1d5d068c
scripts: use common argument handler
closes #449
2021-03-05 10:58:40 -07:00
William Ballenthin
f2749d884f
main: factor out common cli argument handling
ref #449
2021-03-05 10:57:39 -07:00
William Ballenthin
bdea61f93b
scripts: remove old migration script
2021-03-05 10:57:14 -07:00
William Ballenthin
6006e87c5e
pep8
2021-03-05 09:40:43 -07:00
William Ballenthin
1e8161b24e
setup: bump viv-utils for FLIRT
2021-03-05 09:39:47 -07:00
William Ballenthin
a3e6d1b611
scripts: add helper to show function id matches
2021-03-05 08:38:02 -07:00
William Ballenthin
1a93999cc0
capa: main: factor loading of flirt signatures into its own routine
2021-03-05 08:34:33 -07:00
William Ballenthin
53684adbdd
sigs: add license to test files
2021-03-04 18:07:34 -07:00
William Ballenthin
d3caecc551
pep8
2021-03-04 18:06:06 -07:00
William Ballenthin
004ddb3e66
main: load gzip compressed .pat files
2021-03-04 18:04:46 -07:00
William Ballenthin
20894124e6
tests: test FLIRT matching
2021-03-04 15:50:05 -07:00
William Ballenthin
22c4e3b8c2
viv: cleanup flirt changes
2021-03-04 15:46:14 -07:00
William Ballenthin
c2a4629c62
scripts: add cli arguments to specify signatures
2021-03-04 15:04:33 -07:00
William Ballenthin
c0f4fe6867
merge master
2021-03-04 14:59:17 -07:00
William Ballenthin
f2c95568bd
main: add FLIRT signature matching configuration
2021-03-04 14:52:22 -07:00
William Ballenthin
358aab85e7
viv: move FLIRT matching into viv-utils
2021-03-04 14:51:40 -07:00
Ana María Martínez Gómez
829274cd5e
Merge pull request #421 from Ana06/viv-py3
2021-03-03 21:40:08 +01:00
Ana Maria Martinez Gomez
c522f5094a
Use -j option in test_backend_option
Use `-j` option in `test_backend_option` to check the extractor and that
rules have been extracted. This way we don't need to check if a concrete
rule matches, but only that at least a rule matches.
2021-03-03 18:33:20 +01:00
Ana Maria Martinez Gomez
29b6772721
Test backend option
As `get_extractor` returns only vivisect now, `test_main` is not run for
smda. Test that capa works with all backends. It doesn't test that the
backend is actually called.
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez
695b5b50ab
Remove va not None check
Instead of checking if `va` is `None` in `get_section()` we should avoid
calling this function with `None`. This has been fixed in the following
PR, so this is no longer needed:
https://github.com/fireeye/capa/pull/442
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez
42af7b2d8b
Use default backend instead of None
Set the `backend` variable to the default backend by default instead of
`None`. The `backend` variable is needed in Python 2 as `args.backend`
is only set in Python 3. However, the value of the backend variable is
ignored in Python 2, so the default value is not used there.
Co-authored-by: William Ballenthin <william.ballenthin@fireeye.com>
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez
079a9b5204
Remove backend option from Python 2
Only provide the backend option in Python 3, as there is only one
backend in Python 2. This way we keep the help text simpler.
2021-03-03 17:36:51 +01:00