Ana Maria Martinez Gomez
b4aa65daa1
[CONTRIBUTING] Use Google's Code of Conduct
...
Use Google's default Code of Conduct for consistency with other Google
projects.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
bf9753ef93
[CONTRIBUTING] Improve CLA information
...
Improve CLA information to adhere to Google policies.
2025-01-15 08:52:42 -07:00
Ana Maria Martinez Gomez
f768f684b5
[LICENSE] Correct LICENSE file
...
Replace LICENSE text file with the official Apache one:
https://www.apache.org/licenses/LICENSE-2.0.txt
This changes `Copyright (C) 2021 Mandiant, Inc.` by the following
template language that had been incorrectly replaced:
`Copyright [yyyy] [name of copyright owner]`
2025-01-15 08:52:42 -07:00
Mike Hunhoff
c3c93685e2
vmray: skip non-printable strings (#2551)
2025-01-08 08:40:32 -07:00
Capa Bot
462e11443e
Sync capa rules submodule
2025-01-07 20:03:05 +00:00
Moritz
32d6181f02
Merge pull request #2541 from mandiant/dependabot/npm_and_yarn/web/explorer/nanoid-3.3.8
...
build(deps): bump nanoid from 3.3.7 to 3.3.8 in /web/explorer
2024-12-17 14:29:32 +01:00
Moritz
6cf944b321
Merge pull request #2542 from mandiant/dependabot/pip/flake8-bugbear-24.12.12
...
build(deps): bump flake8-bugbear from 24.10.31 to 24.12.12
2024-12-17 14:29:19 +01:00
Moritz
369fbc713e
Merge pull request #2538 from mandiant/williballenthin-patch-1
...
readme: avoid scroll on github homepage
2024-12-17 14:28:24 +01:00
Moritz
e3a1dbfac2
Merge pull request #2537 from mandiant/fix/vmray-improvements
...
VMRay and dynamic improvements
2024-12-17 14:27:52 +01:00
dependabot[bot]
e5fe935a8e
build(deps): bump flake8-bugbear from 24.10.31 to 24.12.12
...
Bumps [flake8-bugbear](https://github.com/PyCQA/flake8-bugbear) from 24.10.31 to 24.12.12.
- [Release notes](https://github.com/PyCQA/flake8-bugbear/releases)
- [Commits](https://github.com/PyCQA/flake8-bugbear/compare/24.10.31...24.12.12)
---
updated-dependencies:
- dependency-name: flake8-bugbear
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 14:12:27 +00:00
dependabot[bot]
233f8dcf9f
build(deps): bump nanoid from 3.3.7 to 3.3.8 in /web/explorer
...
Bumps [nanoid](https://github.com/ai/nanoid) from 3.3.7 to 3.3.8.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.3.7...3.3.8)
---
updated-dependencies:
- dependency-name: nanoid
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-12-16 03:58:18 +00:00
mr-tz
51d606bc0d
use default empty list for ElfFileSection
2024-12-13 11:51:47 +00:00
Willi Ballenthin
2b46796d08
Update README.md
...
Co-authored-by: Mike Hunhoff <mike.hunhoff@gmail.com>
2024-12-12 18:49:39 +01:00
Willi Ballenthin
81f7f43b5b
readme: avoid scroll on github homepage
2024-12-12 14:17:46 +01:00
mr-tz
1f34795fce
vmray and dynamic updates
2024-12-12 10:12:14 +00:00
mr-tz
06f0012183
only check file limitations for static file formats
2024-12-12 10:10:35 +00:00
mr-tz
55720ddbfd
make more fields optional for more flexible model
...
tmp
2024-12-12 10:10:32 +00:00
mr-tz
893378c10e
record origin_monitor_id for more reliable process association
...
tmp
2024-12-12 09:51:08 +00:00
Moritz
1a82b9d0c5
Merge pull request #2536 from mandiant/release/v801
...
update to v8.0.1
v8.0.1
2024-12-09 18:11:38 +01:00
mr-tz
3cbc184020
update to v8.0.1
2024-12-09 16:19:30 +00:00
Moritz
347601a112
Merge pull request #2535 from mandiant/fix/ida-find_byte_sequence
...
handle IDA 8.3/8.4 vs. 9.0 API change
2024-12-09 17:11:33 +01:00
mr-tz
8a02b0773d
handle IDA 8.3/8.4 vs. 9.0 API change
2024-12-09 15:06:38 +00:00
Moritz
f11661f8f2
release v8.0.0 (#2529)
...
* update to v8.0.0
* update website v8.0.0
v8.0.0
2024-12-09 14:15:46 +01:00
Capa Bot
518dc3381c
Sync capa rules submodule
2024-12-09 10:30:27 +00:00
Willi Ballenthin
5c60adaf96
BinExport2: better handle weird Ghidra expressions
...
analogous to the inspect-binexport2 issues reported in #2528 and #2530,
but this fixes the feature extractor.
2024-12-09 11:27:11 +01:00
Willi Ballenthin
4ab8d75629
changelog
2024-12-09 11:27:11 +01:00
Willi Ballenthin
51d852d1b3
inspect-binexport: better handle MSRs exported by Ghidra
...
closes #2530
2024-12-09 11:27:11 +01:00
Willi Ballenthin
aa8e4603d1
inspect-binexport2: render aarch64 vector element sizes
...
closes #2528
2024-12-09 11:27:11 +01:00
Willi Ballenthin
6c61a91778
main: use two lines when warning about stack trace
2024-12-09 11:27:11 +01:00
Capa Bot
e633e34517
Sync capa rules submodule
2024-12-09 09:52:22 +00:00
Willi Ballenthin
9c72c9067b
binexport2: better pruning of comma expressions with a single child
2024-12-06 07:19:39 +01:00
Willi Ballenthin
168435cf75
changelog
2024-12-06 07:19:39 +01:00
Willi Ballenthin
5fdf7e61e2
inspect-binexport2: better render ARM lsl/lsr and pruned expressions
2024-12-06 07:19:39 +01:00
Willi Ballenthin
95fc747e6f
binexport2: prune operands more precisely
2024-12-06 07:19:39 +01:00
Willi Ballenthin
1f374e4986
binexport2: fix handling of incorrect thunks (#2526)
...
* binexport2: fix handling of incorrect thunks
closes #2524
* changelog
2024-12-05 14:36:09 +01:00
Harshit Wadhwani
28c0234339
Fix: Issue #2307 (#2439)
...
* fix #2307
---------
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
2024-12-05 09:53:15 +01:00
Moritz
f57f909e68
Merge pull request #2523 from xusheng6/master
...
binja: move the stack string detection to the function level
2024-12-04 17:43:16 +01:00
Xusheng
02c359f79f
binja: move the stack string detection to the function level. Fix https://github.com/mandiant/capa/issues/2516
2024-12-04 17:00:22 +08:00
Xusheng
4448d612f1
binja: fix up the analysis for the al-khaser_x64.exe_ file. Fix https://github.com/mandiant/capa/issues/2507
2024-12-04 09:36:08 +01:00
Xusheng
d7cf8d1251
Revert "skip test where BN misses the function"
...
This reverts commit 9ad3f06e1d.
2024-12-04 09:36:08 +01:00
Moritz
d1f3e43325
vmray: record command line info (#2515)
...
* vmray: record command line info
2024-12-03 19:56:30 +01:00
Capa Bot
83a46265df
Sync capa rules submodule
2024-12-03 16:26:33 +00:00
Moritz
0c64bd4985
Merge pull request #2521 from mandiant/fix/2466-cape-model
...
make Process model flexible and procmemory optional
2024-12-03 14:28:29 +01:00
Capa Bot
ed86e5fb1b
Sync capa rules submodule
2024-12-03 13:12:36 +00:00
Moritz
e1c786466a
Merge pull request #2518 from mandiant/bn/skip-test
...
skip test where BN misses the function
2024-12-03 14:05:24 +01:00
mr-tz
959a234f0e
make Process model flexible and procmemory optional
2024-12-03 13:02:19 +00:00
Moritz
e57de2beb4
Merge pull request #2513 from mandiant/dependabot/pip/protobuf-5.29.0
...
build(deps): bump protobuf from 5.28.2 to 5.29.0
2024-12-03 13:33:59 +01:00
Moritz
9c9b3711c0
Merge pull request #2519 from mandiant/ci/pre-commit
...
upgrade pre-commit config
2024-12-03 13:32:54 +01:00
mr-tz
65e2dac4c4
upgrade pre-commit config
2024-12-03 12:09:38 +00:00
mr-tz
9ad3f06e1d
skip test where BN misses the function
2024-12-03 11:09:38 +00:00