Commit Graph

3050 Commits

Author SHA1 Message Date
Michael Hunhoff e1a8641399 fixes 462, default to empty string when accessing rule path stored in ida_settings 2021-03-09 12:09:35 -07:00
Capa Bot cffac62e68 Sync capa rules submodule 2021-03-09 10:00:48 +00:00
Ana María Martínez Gómez 7a8c0572e9 Merge pull request #455 from Ana06/v1-6-0 v1.6.0 2021-03-09 10:48:01 +01:00
Ana Maria Martinez Gomez 5596d5f8b2 version: bump to v1.6.0 2021-03-09 10:36:26 +01:00
Ana Maria Martinez Gomez 06fd02cd61 changelog: v1.6.0
This release adds the capa explorer rule generator plugin for IDA Pro,
vivisect support for Python 3 and 12 new rules. We appreciate everyone
who opened issues, provided feedback, and contributed code and rules.
Thank you also to the vivisect development team (rakuy0, atlas0fd00m)
for the Python 3 support (v1.0.0) and the fixes for Python 2 (v0.2.1).
This is the last capa release which supports Python 2. The next
release will be Python 3 only.
2021-03-09 10:36:26 +01:00
Capa Bot 6b9d1047cf Sync capa rules submodule 2021-03-08 19:39:47 +00:00
Ana Maria Martinez Gomez a7b3fd72ca changelog: v1.5.1 2021-03-08 20:09:31 +01:00
Ana María Martínez Gómez dd3deb2358 Merge pull request #454 from fireeye/mr-tz-patch-1
setup: bump viv to 0.2.1
2021-03-08 11:36:18 +01:00
Moritz c99fce3183 setup: bump viv to 0.2.1 2021-03-08 09:07:04 +01:00
William Ballenthin 4db6227d84 ci: build: test exe: run in debug mode to see messages 2021-03-05 15:49:31 -07:00
William Ballenthin 30e1d409dd pyinstaller: package default signatures into standalone exe 2021-03-05 15:46:23 -07:00
William Ballenthin ff8a6f1d57 main: use default signature set found in source directory 2021-03-05 15:45:56 -07:00
William Ballenthin 9b5d6f8df0 ci: enable test building of standalone exe in CI 2021-03-05 15:35:42 -07:00
William Ballenthin 1e8919c6e6 pep8 2021-03-05 15:27:44 -07:00
William Ballenthin 1ee7b7b856 merge master 2021-03-05 15:23:47 -07:00
Willi Ballenthin 3e55581bf7 Merge pull request #450 from fireeye/feature-refactor-args
refactor common cli argument handling
2021-03-05 15:07:50 -07:00
Willi Ballenthin dfbe1418d4 Merge pull request #452 from fireeye/feature-py3-pyinstaller
pyinstaller: update for py3/pyinstaller 4.2
2021-03-05 15:06:47 -07:00
William Ballenthin 7671fca373 pep8 2021-03-05 13:27:16 -07:00
William Ballenthin c01dde3fb2 ci: disable test building of pyinstaller upon push 2021-03-05 13:26:15 -07:00
William Ballenthin bb17adeda2 pyinstaller: smda: collect capstone shared library 2021-03-05 13:23:15 -07:00
Willi Ballenthin 9f743f1c59 main: fix reference error 2021-03-05 13:19:54 -07:00
William Ballenthin ee85c929da pyinstaller: install capstone for smda 2021-03-05 12:59:21 -07:00
William Ballenthin 6f9c660082 ci: test pyinstaller CI 2021-03-05 12:55:19 -07:00
William Ballenthin e02bb7f5a1 pep8 2021-03-05 12:53:50 -07:00
William Ballenthin 9aaaa044da ci: use py3.9 and pyinstaller 4.2 to build standalone binaries 2021-03-05 12:52:38 -07:00
William Ballenthin 54da8444df pyinstaller: update for py3/pyinstaller 4.2
closes #451
2021-03-05 12:40:21 -07:00
William Ballenthin 063e1229bc pep8 2021-03-05 11:10:12 -07:00
William Ballenthin eacd70329a merge from master, sorry 2021-03-05 11:06:40 -07:00
William Ballenthin 3a1d5d068c scripts: use common argument handler
closes #449
2021-03-05 10:58:40 -07:00
William Ballenthin f2749d884f main: factor out common cli argument handling
ref #449
2021-03-05 10:57:39 -07:00
William Ballenthin bdea61f93b scripts: remove old migration script 2021-03-05 10:57:14 -07:00
William Ballenthin 6006e87c5e pep8 2021-03-05 09:40:43 -07:00
William Ballenthin 1e8161b24e setup: bump viv-utils for FLIRT 2021-03-05 09:39:47 -07:00
William Ballenthin a3e6d1b611 scripts: add helper to show function id matches 2021-03-05 08:38:02 -07:00
William Ballenthin 1a93999cc0 capa: main: factor loading of flirt signatures into its own routine 2021-03-05 08:34:33 -07:00
William Ballenthin 53684adbdd sigs: add license to test files 2021-03-04 18:07:34 -07:00
William Ballenthin d3caecc551 pep8 2021-03-04 18:06:06 -07:00
William Ballenthin 004ddb3e66 main: load gzip compressed .pat files 2021-03-04 18:04:46 -07:00
William Ballenthin 20894124e6 tests: test FLIRT matching 2021-03-04 15:50:05 -07:00
William Ballenthin 22c4e3b8c2 viv: cleanup flirt changes 2021-03-04 15:46:14 -07:00
William Ballenthin c2a4629c62 scripts: add cli arguments to specify signatures 2021-03-04 15:04:33 -07:00
William Ballenthin c0f4fe6867 merge master 2021-03-04 14:59:17 -07:00
William Ballenthin f2c95568bd main: add FLIRT signature matching configuration 2021-03-04 14:52:22 -07:00
William Ballenthin 358aab85e7 viv: move FLIRT matching into viv-utils 2021-03-04 14:51:40 -07:00
Ana María Martínez Gómez 829274cd5e Merge pull request #421 from Ana06/viv-py3 2021-03-03 21:40:08 +01:00
Ana Maria Martinez Gomez c522f5094a Use -j option in test_backend_option
Use `-j` option in `test_backend_option` to check the extractor and that
rules have been extracted. This way we don't need to check if a concrete
rule matches, but only that at least one rule matches.
2021-03-03 18:33:20 +01:00
Ana Maria Martinez Gomez 29b6772721 Test backend option
As `get_extractor` returns only vivisect now, `test_main` is not run for
smda. Test that capa works with all backends. It doesn't test that the
backend is actually called.
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez 695b5b50ab Remove va not None check
Instead of checking if `va` is `None` in `get_section()` we should avoid
calling this function with `None`. This has been fixed in the following
PR, so this is no longer needed:
https://github.com/fireeye/capa/pull/442
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez 42af7b2d8b Use default backend instead of None
Set the `backend` variable to the default backend by default instead of
`None`. The `backend` variable is needed in Python 2 as `args.backend`
is only set in Python 3. The value of the `backend` variable is ignored
in Python 2, though, so the default value is not used there.

Co-authored-by: William Ballenthin <william.ballenthin@fireeye.com>
2021-03-03 17:36:51 +01:00
Ana Maria Martinez Gomez 079a9b5204 Remove backend option from Python 2
Only provide the backend option in Python 3, as there is only one
backend in Python 2. This way we keep the help text simpler.
2021-03-03 17:36:51 +01:00