Commit Graph

3050 Commits

Author SHA1 Message Date
Moritz 9ce0c94e17 Merge pull request #379 from fireeye/fix/nzxor-xor-instructions
add more xor instructions
2020-12-08 09:37:35 +01:00
Moritz Raabe 08c3372635 add more xor instructions 2020-12-08 09:21:50 +01:00
Capa Bot 2fafc70b69 Sync capa-testfiles submodule 2020-12-07 18:06:53 +00:00
Capa Bot 0e62ebe3a2 Sync capa-testfiles submodule 2020-12-07 17:16:01 +00:00
Moritz 1cc4d20b89 Merge pull request #373 from fireeye/ci/setup-dependabot
add dependabot config
2020-12-07 18:03:57 +01:00
Capa Bot af4889894a Sync capa rules submodule 2020-12-04 08:31:42 +00:00
Moritz 429a5e1ea3 Merge pull request #378 from fireeye/fix/viv-string-extractor
fix: add viv extract strings for i386ImmMemOper operands
2020-12-04 08:55:23 +01:00
Moritz Raabe 4ef860eb07 fix: add viv extract strings for i386ImmMemOper operands 2020-12-03 20:24:29 +01:00
Capa Bot b59ebf30c6 Sync capa-testfiles submodule 2020-12-03 18:57:45 +00:00
Capa Bot a1ae8d54a6 Sync capa rules submodule 2020-12-02 15:24:15 +00:00
Capa Bot 8155207bea Sync capa rules submodule 2020-12-02 15:13:30 +00:00
Capa Bot 337d2cfa6d Sync capa rules submodule 2020-12-02 15:12:27 +00:00
Capa Bot df2229782b Sync capa rules submodule 2020-12-02 15:08:55 +00:00
doomedraven 5920552649 small improvements 2020-12-01 20:31:56 +01:00
doomedraven b4827fcb00 add render to dict; it is the same as the default but in a dictionary, so it simplifies integrations 2020-12-01 19:43:54 +01:00
Willi Ballenthin 63983ccb65 Merge pull request #372 from doomedraven/patch-1
Simple example of how to use capa as a library
2020-12-01 06:56:44 -07:00
Willi Ballenthin eac7e2b749 capa_as_library: style and comments 2020-12-01 06:54:55 -07:00
Moritz Raabe 65a365bca1 update halo requirements py2/3 2020-12-01 11:46:53 +01:00
Moritz Raabe fecd0e11eb add dependabot config 2020-12-01 11:46:14 +01:00
doomedraven 51ad526cfc Simple example of how to use capa as a library
Just a quick example of how to use capa as a library, to save someone the time of reading the code and scripts
2020-12-01 11:20:49 +01:00
Moritz 10a062017d Merge pull request #370 from fireeye/pin-smda
pin smda
2020-12-01 11:10:23 +01:00
Moritz Raabe 0d351794db pin smda
addresses #369
2020-12-01 11:02:36 +01:00
Capa Bot 067e3ffced Sync capa-testfiles submodule 2020-11-30 19:36:59 +00:00
Capa Bot 50d55fae56 Sync capa-testfiles submodule 2020-11-23 17:55:56 +00:00
Capa Bot ce63628d3d Sync capa rules submodule 2020-11-19 15:43:59 +00:00
Capa Bot 13df7f90f6 Sync capa rules submodule 2020-11-19 15:09:24 +00:00
Capa Bot f5099b873d Sync capa rules submodule 2020-11-19 11:40:38 +00:00
Capa Bot 70eb38895d Sync capa-testfiles submodule 2020-11-18 16:28:34 +00:00
Capa Bot 7aea9fa1d2 Sync capa rules submodule 2020-11-16 19:38:02 +00:00
Capa Bot 5d30be31e0 Sync capa rules submodule 2020-11-16 09:44:08 +00:00
Capa Bot 7abe66e3de Sync capa rules submodule 2020-11-16 06:40:23 +00:00
mike-hunhoff 49ef5e5e64 Merge pull request #364 from fireeye/viv/fix-353
improve viv extractor unicode string detection
2020-11-10 17:56:47 -07:00
Michael Hunhoff c2266bc105 improve viv extractor unicode string detection with supporting unit test 2020-11-10 12:23:07 -07:00
Moritz a813e219e6 Merge pull request #363 from fireeye/williballenthin-patch-1
ci: disable py3.9 testing
2020-11-09 21:14:36 +01:00
Moritz 1c1fb20546 Merge pull request #355 from danielplohmann/backend-smda
initial commit for backend-smda
2020-11-09 21:13:51 +01:00
Willi Ballenthin 65feb60bb8 ci: disable py3.9 testing 2020-11-09 13:06:37 -07:00
Daniel Plohmann (jupiter) f7492c7dc7 throw UnsupportedRuntimeError if SmdaFeatureExtractor is used with a Python version < 3.0 2020-11-09 16:20:08 +01:00
Moritz Raabe dfc805b89b improvements for PR #355 2020-11-09 13:39:19 +01:00
Moritz Raabe 75defc13a0 disable fail-fast for tests job 2020-11-09 13:22:23 +01:00
Daniel Plohmann (jupiter) 7d4888bb77 addressing the comments in the PR discussion 2020-11-06 10:09:06 +01:00
Daniel Plohmann (jupiter) 1a34029171 Merge branch 'master' of github.com:fireeye/capa into backend-smda 2020-11-06 09:50:09 +01:00
Willi Ballenthin f6ad4652e4 Merge pull request #358 from fireeye/doc/pyinstaller
document PyInstaller build process
2020-11-05 09:19:51 -07:00
pnx@pyrite 1e25604b0b replacement test for nested x64 thunks - still needs to be verified for vivisect 2020-11-05 16:31:47 +01:00
pnx@pyrite 3a43ffa641 adjusted identification of thunks via SMDA. 2020-11-05 12:58:07 +01:00
Capa Bot 8f6bcf3d98 Sync capa rules submodule 2020-11-03 14:23:36 +00:00
Moritz Raabe 0fd9753681 document PyInstaller build process
closes #357
2020-11-03 15:03:32 +01:00
Capa Bot 76a04dfe25 Sync capa rules submodule 2020-11-03 13:20:30 +00:00
Capa Bot 16317182e3 Sync capa-testfiles submodule 2020-11-03 13:14:45 +00:00
Daniel Plohmann (jupiter) 6bcdf64f67 formatting 2020-10-30 15:34:02 +01:00
Daniel Plohmann (jupiter) d276a07a71 comments on a test where disassembly differs among backends 2020-10-30 15:29:38 +01:00